Metasploit mailing list archives
imap fuzzing
From: Robin Wood <dninja () gmail com>
Date: Fri, 1 Jan 2010 23:35:29 +0000
I'm on to the IMAP fuzzing section in Metasploit Unleashed and the sample code has a small bug in it. The code given fails on the print_status(res) statement when the IMAP server crashes as res is nil so print_status can't convert it to a string to print it. Here is a patch that checks for nil and prints a nice message instead.

--- imap_broken.rb 2010-01-01 23:33:46.000000000 +0000 +++ imap_fuzz.rb 2010-01-01 23:29:05.000000000 +0000 @@ -45,7 +45,12 @@ req = '0002 LIST () "/' + fuzzed + '" "PWNED"' + "\r\n" print_status(req) res = raw_send_recv(req) + if !res.nil? print_status(res) + else + print_status("Server crashed, no response") + break + end disconnect() end end

Robin
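Review bot: In the new else branch, `break` exits the loop before the `disconnect()` that follows the closing `end`, so the connection opened for the final iteration is never closed on the no-response path. Call `disconnect()` before `break`, or restructure so both paths reach the cleanup. A nil `res` only shows that nothing was read back, which can also be a timeout or a dropped connection, so a message such as "No response from server" would be more accurate than "Server crashed, no response". As a style point, `if !res.nil?` reads more idiomatically as `unless res.nil?` with the branches swapped, or simply `if res`.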