Re: Sounds like ftp-anon needs work?

[David Fifield <david () bamsoftware com>]

On Tue, Jun 01, 2010 at 08:53:21PM +0100, Rob Nicholls wrote:
> On Tue, 1 Jun 2010 11:22:28 -0600, David Fifield <david () bamsoftware com>
> wrote:
> > I think we're getting too deep into minutiae and special cases. Can you
> > or Rob just write a simple version that handles the most common cases,
> > uses the read_reply function, and doesn't have a looping state machine
> > structure?
>
> I've replaced the loop with a recursive function, I presume this is what
> you had in mind? This version of the script should cope with the common
> cases.

No, that's still not what I was thinking. Can you test the attached
script and see if it works for you?

My point about removing the loop is that we don't want to treat all
reply codes exactly the same for all the commands we send. Like if we
get a 220 in response to USER, we want to quit, not send USER again. I
admit it's tempting to combine all the response code handling, because
of the common behavior of 230, 421, and 530. But that would be better
done in a separate function. Anyway, I think I found a way where that
code only has to be present once.

David Fifield

Attachment: ftp-anon.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/