Post Sun Jan 23, 2011 10:24 am

Golden FTP Exploit

I had my first remote code execution exploit published, and I talk about the details on my blog: http://networkadminsecrets.blogspot.com/2011/01/golden-ftp-470-pass-remote-exploit.html

The exploit is here: http://www.exploit-db.com/exploits/16036/

This exploit was strange, and I was wondering if anyone can help me figure out one piece that I couldn't figure out. The offset changes depending on the subnet that the FTP server is running on. This obviously makes the exploit less reliable, because you have to know the subnet and failed attempts cause a DoS. If anyone has a minute, let me know why you think this might be happening!!