CVE-2018-10388 PoC — Open TFTP Server SP 格式化字符串错误漏洞

Source

https://github.com/0xddaa/CVE-2018-10388

Associated Vulnerability

Title:Open TFTP Server SP 格式化字符串错误漏洞 (CVE-2018-10388)
Description:Open TFTP Server SP是一款文件传输服务器。 Open TFTP Server SP 1.66及之前版本中的‘logMess’函数存在格式化字符串错误漏洞。远程攻击者可借助TFTP错误数据包中的格式化字符串序列利用该漏洞造成拒绝服务或执行任意代码。

Description

practice

File Snapshot


 [4.0K]  /data/pocs/53bf226eff2a86fa122a0860356dee0062a3fe0b
├── [4.0K]  docker
│   ├── [ 502]  build.sh
│   ├── [ 275]  docker-compose.yml
│   ├── [ 363]  Dockerfile
│   ├── [4.0K]  share
│   │   ├── [  37]  flag
│   │   └── [ 749]  start.py
│   ├── [4.0K]  source
│   │   ├── [  80]  Makefile
│   │   ├── [112K]  opentftpd
│   │   ├── [ 60K]  opentftpd.cpp
│   │   └── [4.5K]  opentftpd.h
│   ├── [4.0K]  tmp
│   │   └── [ 107]  opentftp.ini
│   └── [ 308]  xinetd
└── [4.0K]  example
    ├── [ 553]  4.py
    ├── [ 504]  5.py
    ├── [1.4K]  6.py
    ├── [ 857]  7.py
    └── [1.9K]  exp.py

5 directories, 16 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!