Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

ncrack_pop3.cc minor error

From: Ryan Hayward <rhhayward () att net>
Date: Tue, 21 Sep 2010 14:31:04 -0500
In the ncrack_pop3.cc the con->user was being transmitted as the password. Patch below 


--- ncrack_pop3.cc      2010-09-21 14:29:12.000000000 -0500
+++ ncrack_pop3.cc_orig 2010-09-21 14:29:01.000000000 -0500
@@ -201,7 +201,7 @@
       if (con->outbuf)
         delete con->outbuf;
       con->outbuf = new Buf();
- con->outbuf->snprintf(7 + strlen(con->pass), "PASS %s\r\n", con->pass); + con->outbuf->snprintf(7 + strlen(con->user), "PASS %s\r\n", con->user); 

       nsock_write(nsp, nsi, ncrack_write_handler, POP3_TIMEOUT, con,
(const char *)con->outbuf->get_dataptr(), con->outbuf->get_len()); 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: