Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ncrack_pop3.cc minor error

From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Wed, 22 Sep 2010 00:50:32 +0300
On 09/21/2010 10:31 PM, Ryan Hayward wrote:

 In the ncrack_pop3.cc the con->user was being transmitted as the
password.  Patch below


--- ncrack_pop3.cc      2010-09-21 14:29:12.000000000 -0500
+++ ncrack_pop3.cc_orig 2010-09-21 14:29:01.000000000 -0500
@@ -201,7 +201,7 @@
       if (con->outbuf)
         delete con->outbuf;
       con->outbuf = new Buf();
-      con->outbuf->snprintf(7 + strlen(con->pass), "PASS %s\r\n", con->pass);
+      con->outbuf->snprintf(7 + strlen(con->user), "PASS %s\r\n", con->user);

       nsock_write(nsp, nsi, ncrack_write_handler, POP3_TIMEOUT, con,
           (const char *)con->outbuf->get_dataptr(), con->outbuf->get_len());

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



Thanks. Fixed.

-- ithilgore
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: