Now that you have a basic understanding of how to create a
protocol description using Sulley primitives, let's apply it to a real target,
WarFTPD 1.65, which has a known stack overflow when
passing in overly long values for the
PASS commands. Both of those commands are used to
authenticate an FTP user to the server so that the user can perform file
transfer operations on the host the server daemon is running on.
Download WarFTPD from
Then run the installer. It will unzip the WarFTPD daemon into the
current working directory; you simply have to run
warftpd.exe to get the server going. Let's take a quick look at the FTP protocol so that ...