Posts

Showing posts from September, 2019

Revising Vulnerabilities - FTPShell 6.7 Client (Buffer Overflow)

Big thx to @va_start for shaping up the writeup (;

Short disclaimer

The following writeup is a basic self-exercise of exploiting a known vulnerability that was already disclosed; there isn’t anything new here (:

Goal

While we know for sure there is a vulnerability from one of the most basic bug type classes (buffer overflow), the goal of this exercise is to attempt to find the overflow and exploit it ourselves.

Our vulnerable target is an FTP client which we’ll exploit from the server-side. The exploit scenario is unlikely as it would require a victim to connect to an attacker-controlled FTP server. Nonetheless it’s a great exercise.

Intro

Before diving into the client application and attempting to map its logic, we should start by making sure we’re familiar with the typical FTP protocol flow.

We won’t go over the details here, but you’re more than welcome to cover it quickly :)

What’s important in our case are the following: The USER, PA