Metasploit mailing list archives
Re: fuzzers/ftp/ftp_pre_post Bugs
From: Peter Van Eeckhoutte <peter.ve () corelan be>
Date: Wed, 20 Oct 2010 13:21:30 +0200
Hey Jacky Jack, Sorry for not getting back to you sooner I have sent in a patch to msf, which should allow you to ignore connreset errors The patch also includes an option to define the number of consecutive errors before the module should conclude the ftp server is unreachable With regards to the broken pipe - have you tried increasing the delay ? ./showsignature [+] Peter Van Eeckhoutte "corelanc0d3r" peter.ve () corelan be [+] My Blog : http://www.corelan.be:8800 (IPv4 and IPv6) [+] Projects : http://redmine.corelan.be:8800 [+] Twitter : https://twitter.com/corelanc0d3r [+] RIPE Handle PVE50-RIPE [+] PGP public key : http://www.corelan.be:8800/0x8121d7ad6feca492.asc -----Original Message----- From: Jacky Jack [mailto:jacksonsmth698 () gmail com] Sent: donderdag 5 augustus 2010 9:33 To: framework () spool metasploit com Cc: Peter Van Eeckhoutte Subject: fuzzers/ftp/ftp_pre_post Bugs Hi One assumption flaw in the fuzzer is that it - assumes "connection reset" as ftp service crash (some ftp servers response "connection reset" when they see overly large string") The other might be related to the framework. I got the following exception message when running on a particular FTP server (which didn't crash) [*] Error: Errno::EPIPE Broken pipe ["/opt/metasploit3/msf3/lib/rex/io/stream.rb:44:in `syswrite'", "/opt/metasploit3/msf3/lib/rex/io/stream.rb:44:in `write'", "/opt/metasploit3/msf3/lib/rex/io/stream.rb:130:in `timed_write'", "/opt/metasploit3/msf3/lib/rex/io/stream.rb:161:in `put'", "(eval):173:in `block (2 levels) in run_host'", "(eval):158:in `each'", "(eval):158:in `block in run_host'", "(eval):156:in `each'", "(eval):156:in `run_host'", "/opt/metasploit3/msf3/lib/msf/core/auxiliary/scanner.rb:92:in `block in run'"] Between stage4 -5, it gave out the above exception message. Then, the fuzzer stopped fuzzings. I re-ran the fuzzer. Same result. So, it seems that I can never finish fuzzing on that FTP server. Thanks. This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments. _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Re: fuzzers/ftp/ftp_pre_post Bugs Peter Van Eeckhoutte (Oct 20)