Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Bug in anonFTP.nse
From: David Fifield <david () bamsoftware com>
Date: Tue, 3 Jun 2008 17:04:37 -0600

On Tue, Jun 03, 2008 at 10:54:10PM +0100, Eddie Bell wrote:
NSOCK (0.2980s) Callback: READ SUCCESS for EID 178 [Y.Y.Y.Y:21] (77 bytes): 220 (vsFTPd 2.0.5)..331 Please specify 
the password...230 Login successful...

What hex separates the password prompt from the status code? I guess
it's a different eol sequence that "^" doesn't catch for some reason.

It's \r\n. The code that matches it is

        if string.match(result, "^230") then

I don't know if string.match is supposed to match embedded newlines?
It seems like the real problem is the line before:

        status, result = socket:receive_lines(1);

Where receive_lines is returning more than one line. It's a wrapper for
nsock_readlines, which has this comment:

/* Read up to nlines lines (terminated with \n, which of course
   inclues \r\n), or until EOF, or until the timeout, whichever comes
   first.  Note that NSE_STATUS_SUCCESS will be returned in the case
   of EOF or tiemout if at least 1 char has been read.  Also note that
   you may get more than 'nlines' back -- we just stop once "at least"
   'nlines' is read */

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault