Metasploit mailing list archives

Re: fuzzers/ftp/ftp_pre_post Bugs


From: Peter Van Eeckhoutte <peter.ve () corelan be>
Date: Wed, 20 Oct 2010 13:21:30 +0200

Hey Jacky Jack,

Sorry for not getting back to you sooner

I have sent in a patch to msf, which should allow you to ignore connreset errors
The patch also includes an option to define the number of consecutive errors before the module should conclude the ftp server is unreachable

With regards to the broken pipe - have you tried increasing the delay?

./showsignature
[+] Peter Van Eeckhoutte
    "corelanc0d3r"
    peter.ve () corelan be
[+] My Blog : http://www.corelan.be:8800 (IPv4 and IPv6)
[+] Projects : http://redmine.corelan.be:8800
[+] Twitter : https://twitter.com/corelanc0d3r
[+] RIPE Handle PVE50-RIPE
[+] PGP public key : http://www.corelan.be:8800/0x8121d7ad6feca492.asc


-----Original Message-----
From: Jacky Jack [mailto:jacksonsmth698 () gmail com]
Sent: Thursday 5 August 2010 9:33
To: framework () spool metasploit com
Cc: Peter Van Eeckhoutte
Subject: fuzzers/ftp/ftp_pre_post Bugs

Hi

One assumption flaw in the fuzzer is that it

- assumes "connection reset" as ftp service crash (some ftp servers
respond with "connection reset" when they see an overly large string)

The other might be related to the framework.
I got the following exception message when running on a particular FTP
server (which didn't crash)

[*] Error: Errno::EPIPE Broken pipe
["/opt/metasploit3/msf3/lib/rex/io/stream.rb:44:in `syswrite'",
"/opt/metasploit3/msf3/lib/rex/io/stream.rb:44:in `write'",
"/opt/metasploit3/msf3/lib/rex/io/stream.rb:130:in `timed_write'",
"/opt/metasploit3/msf3/lib/rex/io/stream.rb:161:in `put'",
"(eval):173:in `block (2 levels) in run_host'", "(eval):158:in
`each'", "(eval):158:in `block in run_host'", "(eval):156:in `each'",
"(eval):156:in `run_host'",
"/opt/metasploit3/msf3/lib/msf/core/auxiliary/scanner.rb:92:in `block
in run'"]


Between stage 4-5, it gave out the above exception message.
Then, the fuzzer stopped fuzzing.
I re-ran the fuzzer. Same result.
So, it seems that I can never finish fuzzing on that FTP server.


Thanks.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
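
Added example, not part of the thread and not the patch or the module's own code: a sketch of the error policy the reply describes, where a connection reset can be ignored and only a run of consecutive errors marks the FTP server as unreachable. The class, the option names ignore_connreset and max_consecutive_errors, and the replayed outcomes are all assumptions constructed for illustration.

```ruby
# Hypothetical error policy for a network fuzzer loop (names are assumptions).
class FuzzErrorPolicy
  attr_reader :consecutive_errors, :ignored_resets

  def initialize(ignore_connreset: true, max_consecutive_errors: 3)
    @ignore_connreset = ignore_connreset
    @max = max_consecutive_errors
    @consecutive_errors = 0
    @ignored_resets = 0
  end

  # Runs one test case (the block) and classifies the result as
  # :ok, :ignored, :error or :unreachable.
  def attempt
    yield
    @consecutive_errors = 0 # any success ends the error streak
    :ok
  rescue Errno::ECONNRESET
    if @ignore_connreset
      @ignored_resets += 1  # server rejected the input; not counted as a failure
      return :ignored
    end
    count_error
  rescue Errno::EPIPE, Errno::ECONNREFUSED, Errno::ETIMEDOUT
    count_error
  end

  private

  def count_error
    @consecutive_errors += 1
    @consecutive_errors >= @max ? :unreachable : :error
  end
end

# Constructed outcomes standing in for socket writes; nil means the write succeeded.
SAMPLE = [nil, Errno::ECONNRESET, nil, Errno::EPIPE,
          Errno::ECONNREFUSED, Errno::ECONNREFUSED, nil].freeze

# Replays the outcomes through a policy and stops once the target is declared unreachable.
def replay(policy, outcomes)
  verdicts = []
  outcomes.each do |exc|
    verdicts << policy.attempt { raise exc if exc }
    break if verdicts.last == :unreachable
  end
  verdicts
end

p replay(FuzzErrorPolicy.new, SAMPLE)
```

With ignore_connreset off and a threshold of 1, the same replay stops at the first reset, which is the behaviour reported in the original message.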