Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: FTP Anon Inquiry (Writeable Directory)
From: "Vlatko Kosturjak" <kost () linux hr>
Date: Thu, 14 Apr 2011 19:16:30 +0200

This could be put in todo. As i was writting check for OpenVAS and it tries to upload as there were lot of false 
positives otherwise.

Sent from my mobile

----- Reply message -----
From: "Rob Nicholls" <robert () robnicholls co uk>
Date: Thu, Apr 14, 2011 18:03
Subject: FTP Anon Inquiry (Writeable Directory)
To: "Zack Dela" <ny101880 () yahoo com>
Cc: "Gutek" <ange.gutek () gmail com>, <nmap-dev () insecure org>


 Hi Zack,
My question is, how can I tell that its writeable? Can I add files to 
that
folder since it writeable?

 The script is very basic in its check, it doesn't confirm that files 
 definitely can be written, it simply checks the returned directory 
 listing for a "w" character to indicate that files can potentially be 
 written inside that directory.

 You can see this in the ftp-anon script:

 for _, item in ipairs(listing) do
   -- Just a quick passive check on user rights.
   if string.match(item, "^[d-].......w.") then
     item = item .. " [NSE: writeable]"
   end
   result[#result + 1] = item
 end

 This means it could potentially be a false positive, but I suspect it's 
 generally very unlikely to be wrong. If you want to know for sure you'll 
 need to try and manually create a file within the directory, as the 
 script currently doesn't appear to be capable of uploading a file to be 
 100% sure.

 Rob

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]