Metasploit_microsoft_ftpd_nlst
This module exploits a stack overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account) This exploit module was written by Kingcope (kcope2@googlemail.com) and hdm (hdm@metasploit.com)
microsoft_ftpd_nlst from 4xteam on Vimeo.
Post a Comment