Metasploit Toolkit: For Penetration Testing, Exploit Development, and Vulnerability Research

Case Study 4: WS-FTP Server 5.03 MKD Overflow

Overview of the WS-FTP Server 5.03 Vulnerability

The Metasploit Framework (MSF) provides you with the right tools to work creatively with vulnerabilities. It doesn't waste time rebuilding code that is common across multiple exploits and performing repetitive actions in the "exploit development cycle." Instead, it saves time for finding new, ingenious ways to take advantage of old and new vulnerabilities. In addition, MSF is an excellent learning tool for people who want to understand the "world" of overflows and develop new techniques by working with real-world vulnerabilities, instead of working on preconceived examples with preconceived solutions. This case study details one of those real-world vulnerabilities. It explains how the module was created from the beginning and how it reached its final state.

Vulnerability Details

The Ipswitch WS-FTP server is a common FTP server. At the moment, the latest available version of it doesn't suffer from this vulnerability, but it is possible to find vulnerable versions still in use. In 2004, multiple remote buffer overflow vulnerabilities were reported in the Ipswitch WS-FTP server version 5.03 by security researcher Reed Arvin when using a "fuzzer" against this server. As with the majority of overflows, the issues are due to a failure in the application to properly validate the length of user-supplied strings prior to copying them into buffers. In this specific case, the overflow is triggered when an attacker, after authenticating, tries to create a directory (using the MKD command) with a huge name. An attacker can exploit these issues and...
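The length validation described above as missing, shown as an added example (not code from the book or from Ipswitch): a hypothetical `handle_mkd` routine that bounds the MKD argument before copying it into a fixed buffer. The function name, the 255-byte limit and the reply-code enum are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DIR_NAME_MAX 255  /* assumed limit for this sketch, not WS-FTP's real buffer size */

/* Reply codes follow RFC 959: 257 created, 501 bad argument, 500 unknown command. */
enum { FTP_OK = 257, FTP_SYNTAX = 501, FTP_NOT_MKD = 500 };

/* Case-insensitive match on "MKD " that never reads past a short string. */
static int is_mkd(const char *s)
{
    return toupper((unsigned char)s[0]) == 'M' &&
           toupper((unsigned char)s[1]) == 'K' &&
           toupper((unsigned char)s[2]) == 'D' && s[3] == ' ';
}

/*
 * Hypothetical MKD handler: copies the directory name from one FTP command
 * line into dst (dst_size bytes) only after its length has been checked.
 * The flawed pattern is the same copy done as strcpy(dst, arg), unchecked.
 */
int handle_mkd(const char *line, char *dst, size_t dst_size)
{
    if (line == NULL || dst == NULL || dst_size == 0)
        return FTP_SYNTAX;
    dst[0] = '\0';
    if (!is_mkd(line))
        return FTP_NOT_MKD;

    const char *arg = line + 4;
    size_t len = strcspn(arg, "\r\n");  /* argument ends at CR, LF or NUL */

    /* Reject empty names and anything that will not fit with its NUL. */
    if (len == 0 || len > DIR_NAME_MAX || len >= dst_size)
        return FTP_SYNTAX;

    memcpy(dst, arg, len);
    dst[len] = '\0';
    return FTP_OK;
}

int main(void)
{
    char name[DIR_NAME_MAX + 1];
    int rc = handle_mkd("MKD reports\r\n", name, sizeof name);  /* constructed input */
    printf("%d %s\n", rc, name);
    return 0;
}
```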
