You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"description": "This module exploits the KarjaSoft Sami FTP Server version 2.02\n by sending an excessively long USER string. The stack is overwritten\n when the administrator attempts to view the FTP logs. Therefore, this exploit\n is passive and requires end-user interaction. Keep this in mind when selecting\n payloads. When the server is restarted, it will re-execute the exploit until\n the logfile is manually deleted via the file system.",
123143
+
"description": "This module exploits an unauthenticated stack buffer overflow in\n KarjaSoft Sami FTP Server version 2.0.2 by sending an overly long\nUSER string during login.\n\n The payload is triggered when the administrator opens the application\n GUI. If the GUI window is open at the time of exploitation, the\n payload will be executed immediately. Keep this in mind when selecting\n payloads. The application will crash following execution of the\n payload and will not restart automatically.\n\n When the application is restarted, it will re-execute the payload\n unless the payload has been manually removed from the SamiFTP.binlog\n log file.\n\n This module has been tested successfully on Sami FTP Server versions:\n 2.0.2 on Windows XP SP0 (x86);\n 2.0.2 on Windows 7 SP1 (x86);\n 2.0.2 on Windows 7 SP1 (x64); and\n 2.0.2 on Windows 10 (1909) (x64).",
0 commit comments