### Building the environment:

1. Clone this repo `git clone https://github.com/rohilchaudhry/CVE-2024-48208`

2. `docker build . -t "ftpd-cve"`

3. `docker run -d --name pure-ftpd -p 21-22:21-22 ftpd-cve`

> If you'd like to debug, `pwndbg` & `GDB` are installed on the image. You can ssh by `ssh root@localhost` -> `password`.

## Running the Exploit:

Confirm that the docker image was installed correctly by running `nc localhost 21` on your local machine. Typing in `USER bob` and then `PASS password0` should look like the following:
```bash
nc localhost 21
b'220 
USER bob
b'331 
PASS password0
230 test
```

SSH into the container, navigate to `/home/eve/` and then run `python3 pure.py localhost 21 eve password1 <dir>`.