Re: Titan FTP Server Aborted LIST DoS

[Noam Rathaus <noamr () beyondsecurity com>]

On Friday 07 May 2004 05:19, Gene Ken wrote:
> Hi Aviram,
>
>    I have some trouble with the testing of current exploit, the below
> is my tested procedure:
>
> 1) In my test bed, the host side is winxp professional with ip_addr
> 192.168.0.2 (english, 5.1 build 2600), and the client side is redhat linux
> 9 using NAT in
>    Vmware Workstation 4.5.1 build-7568 with ip_addr 192.168.92.3.
>
> 2) I have successfully Titan Ftp Server v3.01 Build 163 installed on Winxp
> Pro platform. also the perl script u mentioned in ur article has
> successfully executed like as the below:
>
> /* on my redhat box, i use ftp to verify if the titan ftp server is
> running, the
>     result is the info as below: */
>
> [gken@rh9 gken]$ ftp 192.168.0.2
> Connected to 192.168.0.2 (192.168.0.2).
> 220 Titan FTP Server 3.01.163 Ready.
> Name (192.168.0.2:gken): gken
> 331 User name okay, need password.
> Password:
> 230-Welcome gken from 192.168.0.2. You are now logged in to the server.
> 230 User logged in, proceed.
> Remote system type is UNIX.
> Using binary mode to transfer files.
>
> /* executing titan.pl script */
> [gken@rh9 gken]$ perl titan.pl
> Combination:
> cannot connect to ftp daemon on 192.168.0.2 at titan.pl line 22.
>
>
>     how to tackle this? thx in advance!
Hi,

The perl script written is hardcoded to port 2112, which is probably not the 
port number your Titan FTP server listens on, modify this number with your 
FTP Server port number (the default value is 21).

-- 
Thanks
Noam Rathaus
CTO
Beyond Security Ltd.

Join the SecuriTeam community on Orkut:
http://www.orkut.com/Community.aspx?cmm=44441