Re: Potential bug in nmap or ftp-anon script
From: David Fifield <david () bamsoftware com>
Date: Sun, 14 Jun 2009 16:44:02 -0600
On Thu, Jun 04, 2009 at 11:44:43PM -0400, Sina Bahram wrote:
> When I scan a specific IP address running an ftp server which allows
> anonymous logins, with the anonymous ftp script, I receive the appropriate
> However, if I scan a series of IP addresses, one of which includes this IP,
> that particular IP doesn't have the appropriate output from the anonymous
> ftp script. It does show that IP having port 21 open, but doesn't fire off
> the appropriate anonymous message.
> Example with fake addresses:
> nmap --script ftp-anon -p21 220.127.116.11
> Shows the right stuff
> nmap --script ftp-anon -p21 1.2.3-5.*
> Just shows 18.104.22.168 as having ftp 21 open, but no luck on the anonymous
> script firing off the right message.
> It does show other hosts like 22.214.171.124 or 126.96.36.199 having 21 open and
> displays the anonymous message for them, so this is how I know the script is
> The strange thing, of course, is that other IPs in that range trigger the
> appropriate response from the script, and they all seem to be correct.
> However, I'm now positive that it is missing some.
> Using nmap 4.85 beta 9

Maybe the timeout is too short. Try increasing the number in this line
Another suggestion I had is to run with -d --script-trace, and then grep
for the IP in question. If the script is timing out or encountering
another error, that will show it.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org