Nmap Development mailing list archives
Re: Sounds like ftp-anon needs work?
From: Gutek <ange.gutek () gmail com>
Date: Sun, 30 May 2010 08:48:19 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Please find attached a new version according to the comments - - Buffer-reading function - - R/W ability is now an option, enabled with --script-args rw=test - - R/W : if unable to RMD our crap, at least warn the user I send it right now despite the fact that it does not checks for other directories but root, so that we can start comments/testing. In the meanwhile, i'm thinking about editing the read/write check part : - - Try to LIST and table{} the directories - - for each Dir in Table{}, check write-ability. Maybe a depth and/or max dir question, here ? It could take a very long time on a huge ftp OR "the brute-force behavior" - - establish a list of common / known / default Dir names - - Check them (if they exist of course). It could be fast this way, but also could miss some. Anyway, here are the new Outputs I propose: - --- - -- @output - --- Default behavior - -- PORT STATE SERVICE - -- 21/tcp open ftp - -- | ftp-anon: Anonymous FTP login allowed (FTP code 230) - -- |_(you can test Read/Write with --script-args rw=test) - -- - -- - -- Is writeable, but something occured when trying to clean our tracks - -- 21/tcp open ftp - -- | ftp-anon: Anonymous FTP login allowed (FTP code 230) (Writeable) - -- |_/!\ WARNING : we may have left a directory behind us, unable to remove it ! (FTP code 500) - -- - -- - -- Is readable - -- 21/tcp open ftp - -- |_ftp-anon: Anonymous FTP login allowed (FTP code 230) (Readable) Note that in Default Behavior I suggest the args option to the user. Nothing to do with the topic, but I've noticed that around me some users are not really aware about scripts arguments, or forget that they exist for a given script. A.G -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAkwCCjMACgkQ3aDTTO0ha7gw2QCdEbnAOHfUut322Wkh5lZIFhXj pk0AnjqaQZp3tpOFk+W79quX8eqxgUNz =IDVE -----END PGP SIGNATURE-----
Attachment:
ftp-anon-rw-v3.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Sounds like ftp-anon needs work?, (continued)
- Re: Sounds like ftp-anon needs work? Rob Nicholls (May 20)
- Re: Sounds like ftp-anon needs work? David Fifield (May 20)
- Re: Sounds like ftp-anon needs work? Rob Nicholls (May 20)
- Re: Sounds like ftp-anon needs work? Ron (May 20)
- RE: Sounds like ftp-anon needs work? Rob Nicholls (May 22)
- Re: Sounds like ftp-anon needs work? Gutek (May 22)
- Re: Sounds like ftp-anon needs work? SM (May 23)
- Re: Sounds like ftp-anon needs work? David Fifield (May 27)
- Re: Sounds like ftp-anon needs work? Ron (May 27)
- Re: Sounds like ftp-anon needs work? Fyodor (May 29)
- Re: Sounds like ftp-anon needs work? Gutek (May 29)
- Re: Sounds like ftp-anon needs work? Richard Miles (May 30)
- Re: Sounds like ftp-anon needs work? Fyodor (May 30)
- Re: Sounds like ftp-anon needs work? David Fifield (May 31)
- Re: Sounds like ftp-anon needs work? Rob Nicholls (Jun 01)
- Re: Sounds like ftp-anon needs work? Gutek (Jun 01)
- Re: Sounds like ftp-anon needs work? David Fifield (Jun 01)
- Re: Sounds like ftp-anon needs work? Rob Nicholls (Jun 01)
- Re: Sounds like ftp-anon needs work? David Fifield (Jun 01)
- Re: Sounds like ftp-anon needs work? Rob Nicholls (Jun 04)
- Re: Sounds like ftp-anon needs work? David Fifield (Jun 04)