This module exploits a stack overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account) This exploit module was written by Kingcope ( and hdm (

microsoft_ftpd_nlst from 4xteam on Vimeo.