Nmap Development mailing list archives
Re: Bug in anonFTP.nse
From: David Fifield <david () bamsoftware com>
Date: Tue, 3 Jun 2008 17:04:37 -0600
On Tue, Jun 03, 2008 at 10:54:10PM +0100, Eddie Bell wrote:
NSOCK (0.2980s) Callback: READ SUCCESS for EID 178 [Y.Y.Y.Y:21] (77 bytes): 220 (vsFTPd 2.0.5)..331 Please specify the password...230 Login successful...What hex separates the password prompt from the status code? I guess it's a different eol sequence that "^" doesn't catch for some reason.
It's \r\n. The code that matches it is if string.match(result, "^230") then I don't know if string.match is supposed to match embedded newlines? It seems like the real problem is the line before: status, result = socket:receive_lines(1); Where receive_lines is returning more than one line. It's a wrapper for nsock_readlines, which has this comment: /* Read up to nlines lines (terminated with \n, which of course inclues \r\n), or until EOF, or until the timeout, whichever comes first. Note that NSE_STATUS_SUCCESS will be returned in the case of EOF or tiemout if at least 1 char has been read. Also note that you may get more than 'nlines' back -- we just stop once "at least" 'nlines' is read */ David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Bug in anonFTP.nse David Fifield (Jun 03)
- Re: Bug in anonFTP.nse Eddie Bell (Jun 03)
- Re: Bug in anonFTP.nse David Fifield (Jun 03)
- Re: Bug in anonFTP.nse Kris Katterjohn (Jun 03)
- Re: Bug in anonFTP.nse Eddie Bell (Jun 04)
- Re: Bug in anonFTP.nse David Fifield (Jun 03)
- Re: Bug in anonFTP.nse Eddie Bell (Jun 03)