Nmap Development mailing list archives
Re: Bug in anonFTP.nse
From: "Eddie Bell" <ejlbell () gmail com>
Date: Tue, 3 Jun 2008 22:54:10 +0100
Hello,
NSOCK (0.2980s) Callback: READ SUCCESS for EID 178 [Y.Y.Y.Y:21] (77 bytes): 220 (vsFTPd 2.0.5)..331 Please specify the password...230 Login successful...
What hex separates the password prompt from the status code? I guess it's a different eol sequence that "^" doesn't catch for some reason. cheers - eddie 2008/6/3 David Fifield <david () bamsoftware com>:
Hi, Sometimes the anonFTP.nse script fails because it sometimes reads more than one line at a time and misses a status code. Here I have exceprted the relevant parts of the --script-trace output. $ nmap -p ftp --script anonFTP --script-trace target SCRIPT ENGINE: TCP X.X.X.X:1289 > Y.Y.Y.Y:21 | CONNECT NSOCK (0.2110s) Write request for 16 bytes to IOD #1 EID 19 [Y.Y.Y.Y:21]: USER anonymous.. NSOCK (0.2120s) Write request for 14 bytes to IOD #1 EID 27 [Y.Y.Y.Y:21]: PASS IEUser@.. NSOCK (0.2140s) Callback: READ SUCCESS for EID 34 [Y.Y.Y.Y:21] (20 bytes): 220 (vsFTPd 2.0.5).. NSOCK (0.2140s) Callback: READ SUCCESS for EID 42 [Y.Y.Y.Y:21] (34 bytes): 331 Please specify the password... NSOCK (0.2160s) Callback: READ SUCCESS for EID 50 [Y.Y.Y.Y:21] (23 bytes): 230 Login successful... Interesting ports: PORT STATE SERVICE 21/tcp open ftp |_ Anonymous FTP: FTP: Anonymous login allowed However if I change the scan a little, $ nmap -p ftp,https -sC --script-trace SCRIPT ENGINE: TCP X.X.X.X:2337 > Y.Y.Y.Y:21 | CONNECT NSOCK (0.2870s) Write request for 16 bytes to IOD #1 EID 83 [Y.Y.Y.Y:21]: USER anonymous.. NSOCK (0.2900s) Write request for 14 bytes to IOD #1 EID 131 [Y.Y.Y.Y:21]: PASS IEUser@.. NSOCK (0.2980s) Callback: READ SUCCESS for EID 178 [Y.Y.Y.Y:21] (77 bytes): 220 (vsFTPd 2.0.5)..331 Please specify the password...230 Login successful... Interesting ports: PORT STATE SERVICE 21/tcp open ftp 443/tcp open https |_ SSLv2: server still supports SSLv2 |_ HTML title: Site doesn't have a title. Notice how all replies came back on one line, so the script didn't get the /^230/ it was looking for. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Bug in anonFTP.nse David Fifield (Jun 03)
- Re: Bug in anonFTP.nse Eddie Bell (Jun 03)
- Re: Bug in anonFTP.nse David Fifield (Jun 03)
- Re: Bug in anonFTP.nse Kris Katterjohn (Jun 03)
- Re: Bug in anonFTP.nse Eddie Bell (Jun 04)
- Re: Bug in anonFTP.nse David Fifield (Jun 03)
- Re: Bug in anonFTP.nse Eddie Bell (Jun 03)