Nmap Development mailing list archives

[ncrack] bug in cmdline parsing + patch

From: Vlatko Kosturjak <kost () linux hr>
Date: Mon, 10 Aug 2009 10:29:30 +0200

Hello and greetings from Croatia!

In short, ncrack doesn't recognize full paths for user/password lists.

This works:
ncrack -U user.txt -P pass.txt ssh://127.0.0.1

This doesn't work (and gives ugly/nonunderstandable error message):
ncrack -U /tmp/user.txt -P /tmp/pass.txt ssh://127.0.0.1
Failed to open input file  for reading!
QUITTING!

In attachment you can find small patch to fix this issue (against latest
SVN version on /nmap-exp/ithilgore/ncrack).

Kost

Index: ncrack.cc
===================================================================
--- ncrack.cc   (revision 14896)
+++ ncrack.cc   (working copy)
@@ -452,6 +452,12 @@
   }
 
   if (!foundsomething) {
+         res = Snprintf(filename_returned, bufferlen, "%s", file);
+         if (res > 0 && res < bufferlen)
+               foundsomething = file_readable(filename_returned);      
+  }    
+
+  if (!foundsomething) {
     filename_returned[0] = '\0';
   }


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

[ncrack] bug in cmdline parsing + patch Vlatko Kosturjak (Aug 10)
- Re: [ncrack] bug in cmdline parsing + patch ithilgore (Aug 10)