Re: [NSE] small improvement to ftp-anon

[David Fifield <david () bamsoftware com>]

On Thu, Jul 22, 2010 at 08:26:22AM +0200, Gutek wrote:
> Hi list,
> This small improvement to ftp-anon returns more informations when
> launched in verbose mode.
> It tries to retrieve the ftp root directory listing and, if the server
> also provides dir and files rights (most of the cases), highlights the
> writeable ones (i.e passively, nothing to do with a previous discussion
> about active R/W rights check)
>
> Sample Output :
> - ---
> - -- @output
> - --- with verbosity -v
> - -- PORT   STATE SERVICE
> - -- 21/tcp open  ftp
> - -- | ftp-anon: Anonymous FTP login allowed (FTP code 230)
> - -- | LIST retrieved:
> - -- | total 7
> - -- | -rw-r--r--   1 1170     924            31 Mar 28  2001 .banner
> - -- | d--x--x--x   2 root     root         1024 Jan 14  2002 bin
> - -- | d--x--x--x   2 root     root         1024 Aug 10  1999 etc
> - -- | drwxr-srwt   2 1170     924          2048 Jul 19 18:48 incoming
> [NSE: We've got something writeable here]
> - -- | d--x--x--x   2 root     root         1024 Jan 14  2002 lib
> - -- |_drwxr-sr-x   2 1170     924          1024 Aug  5  2004 pub

This looks pretty good and it works for me. I would like you to make
some changes, though. First, the file listing should be controlled by a
script argument, not verbosity() >= 2. I think I would just make it the
default. There needs to be a limit on the number of lines that it will
retrieve, like nfs-ls. And the code that gets the file listing should be
a separate function, expecially seeing as it creates a new socket and
everything.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/