Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

ncrack bug: Cisco banner makes ncrack revision 16899 dump cire

From: eric gisse <jowr.pi () gmail com>
Date: Sun, 28 Feb 2010 17:38:44 -0800
If one uses the current revision of ncrack to attempt to pentest a
Cisco router with a ssh banner as follows:

-----------------------------------------------------------------------
                               ||        ||
                               ||        ||
                              ||||      ||||
                          ..:||||||:..:||||||:..
                         c i s c o S y s t e m s
                     *****AUTHORIZED USERS ONLY*****

          If not authorized to access this system, disconnect now.

               YOU SHOULD HAVE NO EXPECTATION OF PRIVACY.
          By continuing, you consent to your keystrokes and
                    data content being monitored.

-----------------------------------------------------------------------
Password:

...ncrack will fail in this fashion, with the following command line arguments:

# ncrack -U users -P passes -iX scan.xml -p ssh -v -v -v -v -d10
--connection-limit 1

Starting Ncrack 0.01ALPHA ( http://ncrack.org ) at 2010-03-01 01:18 UTC

ssh://xxx.xxx.xxx.xxx:22 Initiating new Connection
ncrack: nsock_core.c:474: handle_write_result: Assertion `bytesleft > 0' failed.
Aborted (core dumped)

This seems to be a persistent problem. I don't know how to fix this
myself, so I'll just make a bug report. I'll gladly fill in more
details if requested.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: