Metasploit mailing list archives

imap fuzzing


From: Robin Wood <dninja () gmail com>
Date: Fri, 1 Jan 2010 23:35:29 +0000

I'm on to the IMAP fuzzing section in Metasploit Unleashed and the
sample code has a small bug in it. The code given fails on the

print_status(res)

statement when the IMAP server crashes as res is nil so print_status
can't convert it to a string to print it.

Here is a patch that checks for nil and prints a nice message instead.

--- imap_broken.rb      2010-01-01 23:33:46.000000000 +0000
+++ imap_fuzz.rb        2010-01-01 23:29:05.000000000 +0000
@@ -45,7 +45,12 @@
             req = '0002 LIST () "/' + fuzzed + '" "PWNED"' + "\r\n"
             print_status(req)
             res = raw_send_recv(req)
+                       if !res.nil?
             print_status(res)
+                       else
+                               print_status("Server crashed, no response")
+                               break
+                       end
             disconnect()
         end
     end
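Review bot: the `break` in the new else branch leaves the loop before the `disconnect()` that follows the `if`/`else`, so on the nil path the connection is never explicitly closed; call `disconnect()` before `break`, or move the cleanup so both branches reach it. A nil return from `raw_send_recv(req)` only shows that no response came back, so a message like "No response from server, it may have crashed" is more accurate than stating that it crashed, and printing the length of `fuzzed` alongside it would record which request triggered the failure. On style, the added lines are indented with tabs while the surrounding code uses spaces, `print_status(res)` is not re-indented under the new `if`, and `if !res.nil?` reads more idiomatically as `if res`.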

Robin
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

