Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Bug in anonFTP.nse
From: Kris Katterjohn <katterjohn () gmail com>
Date: Tue, 03 Jun 2008 18:14:42 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Fifield wrote:
On Tue, Jun 03, 2008 at 10:54:10PM +0100, Eddie Bell wrote:
NSOCK (0.2980s) Callback: READ SUCCESS for EID 178 [Y.Y.Y.Y:21] (77 bytes): 220 (vsFTPd 2.0.5)..331 Please specify 
the password...230 Login successful...
What hex separates the password prompt from the status code? I guess
it's a different eol sequence that "^" doesn't catch for some reason.

It's \r\n. The code that matches it is

        if string.match(result, "^230") then

I don't know if string.match is supposed to match embedded newlines?
It seems like the real problem is the line before:

        status, result = socket:receive_lines(1);

Where receive_lines is returning more than one line. It's a wrapper for
nsock_readlines, which has this comment:

/* Read up to nlines lines (terminated with \n, which of course
   inclues \r\n), or until EOF, or until the timeout, whichever comes
   first.  Note that NSE_STATUS_SUCCESS will be returned in the case
   of EOF or tiemout if at least 1 char has been read.  Also note that
   you may get more than 'nlines' back -- we just stop once "at least"
   'nlines' is read */


Can stdnse.make_buffer() be used to fix this?

David Fifield


Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSEXQYP9K37xXYl36AQLncw/9Hmcnvn1/1pu7+VFwrowS2pzM9bnjOabT
7kiMkVn+RTdP1CFE2sjfr8Zdhy9Qb8Y3LF99rv9ixnVNDRyI+xDxpiiWU9w0iW0T
Z+id9fvoMLfgUBvRwh0HHGkPf8K/iCHDo+Z3hiY+MFnX1jT1CC5oG1NdW5HV5pZP
V/qyAxfdMe40j5Tc5ugD0nWwbWOsxgoYYdp/eImc0Acw/oH7uFr1umkQZ0FTlo8N
rpfMHzxH40dR4Jl0T4dkF/5m/hXsULrx7aPC5opWXDRYR5Qyw19LUhJlhxA9UToc
apuzKPRtP/YCKZU+ya3vnCce86+jD3/s0d3K2gkNnh0eRms17/BBzmFqeM2ekkzC
H8mAAmV7q8U4m8v8xvNWiW2n84E+J19mja9sohJSoiht3bK5ZJ5JLvh0RiRADU4R
qDYqQvw8rOlNLrSkFHw6T7CnqxFk3rZKXKiDA64muoXdYKoHSASQK0VikWCuYXEX
FBEbwK+i6ThqexSIlQUPodDTYzXrfNYtZqRL4iHSKP8c1K3/eRbhaVlXmIFAC1pO
FX5LN/qBM6tA+3Mqa/WVKWTscX/2FeImUBdmb7jNh7U4TfNAcrv8PRWPUMk5oVnU
O4gDDJtSySgVAs3VVuGqhw8oouPaWckm15uQPJ6UtgAX04Cn8sSQciTcvFRMvE96
kO+DiVJGu74=
=RZN2
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]