comsnd ftp remote format string overflow exploit #481
Will be looking at this today, thanks
Module doesn't work for me. Here's my log (Windows XP SP3):
def initialize(info = {}) | ||
super(update_info(info, | ||
'Name' => 'ComSndFTP v1.3.7 Beta USER Format String Overflow', |
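Review bot: The 'Name' value on the last line calls the bug a "Format String Overflow", which names two different bug classes at once and leaves the reader guessing which one the module targets. If the flaw is a format string bug in the USER command, drop "Overflow" so the name reads 'ComSndFTP v1.3.7 Beta USER Format String', and use the same wording in the pull request title.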
Is it a format string bug, or an overflow?
Yeah, format string, sorry, not 'overflow'.
Can you give me a kb from the access violation? Which target were you testing? Why dump bytes of 0x71ab2636 and 0x00408d16?
Sorry, 'kv'.
Oh, I thought that would be useful for you. Guess not :-) I'll retest soon, thanks.
My ghetto test results show it failed the very first time, and then began to work consistently over and over again. I'll do a bit more testing before committing.