CVE-2014-2973

This Metasploit module exploits a stack-based buffer overflow in BulletProof FTP Client 2010 via an overly long hostname in a .BPS file. It uses an egghunter and SEH overwrite to achieve remote code execution on Windows XP SP3.

This exploit leverages a buffer overflow vulnerability in BulletProof FTP Client 2010 by crafting a malicious session file that triggers an SEH overwrite, leading to arbitrary code execution. The payload includes shellcode to spawn calc.exe and uses a pop-pop-ret gadget from shell32.dll for SEH bypass.

This exploit demonstrates a buffer overflow vulnerability in BulletProof FTP Client 2010 by overwriting the SEH (Structured Exception Handler) with a crafted payload. The PoC generates a malicious file that triggers an access violation when used as the Server Name/IP in the FTP client.

This exploit targets a buffer overflow vulnerability in BulletProof FTP Client 2010 (CVE-2014-2973) using SEH overwrite, egghunter, and heap-based shellcode execution. It bypasses stack size limitations by allocating shellcode in the heap and copying it to the stack.

This Metasploit module exploits a stack-based buffer overflow in BulletProof FTP Client 2010 via a maliciously crafted .BPS file. It uses an egghunter and SEH overwrite to achieve remote code execution on Windows XP SP3.