Exploits a stack buffer overflow in AT-TFTP & XDB ftp password buffer overflow vulnerability.

Exploits a stack buffer overflow in AT-TFTP & XDB ftp password buffer overflow vulnerability.

+ Exploits a stack buffer overflow in AT-TFTP v1.9, by sending a request (get/write) for an overly long file name.
Extracted from Metasploit.
TODO: adjust -pick the right return address for the appropriate target
Usage: python oracle_xdb_ftp_pass-exploit.py <IP Address> <Port> <Your IP Address

+ Exploits Oracle 9i XDB ftp password buffer overflow vulnerability.
TODO: adjust
– rhost to point to the right target
– rport to use the right port
Execution: python oracle_xdb_ftp_pass-exploit.py

attftp_long_filename.py Script:

 
python oracle_xdb_ftp_pass-exploit.py Script:

Source: https://github.com/Re4son