LightFTP
LightFTP copied to clipboard
hfiref0x
Small x86-32/x64 FTP Server
I tried to use file-related commands like LIST or RETR or STOR, but they would return: "150 File status okay; about to open data connection. 451 Requested action aborted. Local...
How could i do it? I didn't found much documentation about it.
NLST: command added LIST: file size aligned (console clients in windows) "mm dd hh:mm" when at current year, otherwise "mm dd yy" NLST/LIST: handling commands like: LIST -a /some/folder NLST...
Hi guys, I noticed that the `open()` calls in LightFTP lack the `O_NOFOLLOW` flag, this could lead to trivial privilege escalation or total system compromise by overwriting critical files when...
Key code: `create_datasocket` uses a blocking `connect()` with no timeout; LIST/RETR threads call it immediately. ``` 113:135:/LightFTP/src/ftpserv.c case MODE_NORMAL: client_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); ... if ( connect(client_socket, (const struct...
The server fails to invalidate or reset the Data Connection parameters (data_ip / data_port) when a subsequent PORT command fails parsing or returns an error (e.g., 501 Syntax error). Logic...
Affected Versions: All tagged releases confirmed: v1.0, v1.1, v2.0, v2.1, v2.2, v2.3, v2.3.1 (latest). Deprecated Windows branch shares the same logic. Vulnerability Type Denial of Service / Resource Exhaustion Description:...
I attempted to test LightFTP using state machine learning technology and found that for the LIST command, if no data connection is established, the server may enter an abnormal state...
