Nmap Development mailing list archives

Re: Sounds like ftp-anon needs work?


From: Rob Nicholls <robert () robnicholls co uk>
Date: Tue, 01 Jun 2010 12:14:51 +0100

On Mon, 31 May 2010 13:28:40 -0600, David Fifield <david () bamsoftware com>
wrote:
> Something I didn't consider before: Do all FTP servers send a banner? If
> not, the script should begin by sending "USER anonymous", then read a
> single reply, and if it looks like a banner, discard it and continue
> processing.

I'm not aware of having seen any that don't return a banner, but I've only
been testing up to a couple thousand FTP servers, so it's possible there
are some unusual servers out there to be found with an -iR.

With Gutek's latest version of the script, I've seen a lot of warnings
about unhandled answers for the 530 code. Some of them are simply
complaining about "The response 'IEUser () ' is not valid" that I think can
easily be solved by sending IEUser@ instead (which is how previous versions
of the script sent the password, and matches what IE normally sends).

220 FTP server ready. Anonymous access only.
User (xx.xx.xx.xx:(none)): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
530-The response 'IEUser ()' is not valid
530-Please use your e-mail address as your password
530-   for example: joe () xx xx xx xx or joe@
530-[xx.xx.xx.xx will be added if password ends with @]
530 Login incorrect.

Others simply return fairly normal responses like "530 Login incorrect."
and just need to be handled. I assume that any servers above the user limit
would be treated as if a login had definitely failed:

530-
530-    Sorry, there are too many users using the system at this time.
530-    There is currently a limit of 10 users.  Please try again later.
530-
530 Login incorrect.

Or should we try to search for user limit responses and warn that it
wasn't possible to determine whether anonymous login was successful?

Rob

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
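
The reply handling discussed in this message (an optional banner, multi-line 530 replies, and user-limit refusals), as an added Python example that is not the ftp-anon script's own code. The function names, verdict strings and phrase list are assumptions; the server lines are abridged from the transcripts quoted above, with the user-limit reply replayed without a banner as a constructed case.

```python
import re

# Assumed phrase list, based on the "too many users" reply quoted in the message.
LIMIT_HINTS = re.compile(r"too many users|limit of \d+ users", re.I)

def read_reply(lines):
    """Consume one FTP reply (single- or multi-line) and return (code, text)."""
    first = next(lines)
    m = re.match(r"(\d{3})([ -])(.*)", first)
    if not m:
        raise ValueError("not an FTP reply: %r" % first)
    code, more, text = m.group(1), m.group(2) == "-", [m.group(3)]
    while more:  # "530-..." lines continue until a line starting "530 "
        line = next(lines)
        more = not line.startswith(code + " ")
        text.append(line[4:] if line[:3] == code else line)
    return int(code), "\n".join(text)

def classify_anonymous_login(server_lines, password="IEUser@"):
    """Replay a server transcript; return (verdict, commands the client sent)."""
    lines, sent = iter(server_lines), ["USER anonymous"]
    code, text = read_reply(lines)
    if code == 220:  # first reply was a banner: discard it and read the next
        code, text = read_reply(lines)
    if code == 331:  # password requested
        sent.append("PASS " + password)
        code, text = read_reply(lines)
    if code == 230:
        return "allowed", sent
    if code == 530:  # refused: distinguish "server full" from a real denial
        return ("inconclusive" if LIMIT_HINTS.search(text) else "denied"), sent
    return "unhandled", sent

# Server lines abridged from the transcripts in the message (client prompts omitted).
BAD_PASSWORD = [
    "220 FTP server ready. Anonymous access only.",
    "331 Guest login ok, send your complete e-mail address as password.",
    "530-The response 'IEUser ()' is not valid",
    "530-Please use your e-mail address as your password",
    "530 Login incorrect.",
]
USER_LIMIT = [  # constructed arrangement: no banner, refusal sent straight away
    "530-",
    "530-    Sorry, there are too many users using the system at this time.",
    "530-    There is currently a limit of 10 users.  Please try again later.",
    "530-",
    "530 Login incorrect.",
]
print(classify_anonymous_login(BAD_PASSWORD)[0], classify_anonymous_login(USER_LIMIT)[0])
```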

