Nmap Development mailing list archives

Re: Sounds like ftp-anon needs work?


From: Richard Miles <richard.k.miles () googlemail com>
Date: Sun, 30 May 2010 15:30:14 +0000

Very great job guys! It should be on the official scripts obtained
over update feature of nmap. :)

Also, if possible, check for r/w should be a default option, I think.

Thanks.

On Sun, May 30, 2010 at 6:48 AM, Gutek <ange.gutek () gmail com> wrote:

Please find attached a new version according to the comments
- Buffer-reading function
- R/W ability is now an option, enabled with --script-args rw=test
- R/W : if unable to RMD our crap, at least warn the user

I send it right now despite the fact that it does not check for other
directories but root, so that we can start comments/testing.
In the meantime, I'm thinking about editing the read/write check part :

- Try to LIST and table{} the directories
- for each Dir in Table{}, check write-ability. Maybe a depth and/or max
dir question, here ? It could take a very long time on a huge ftp

OR

"the brute-force behavior"
- establish a list of common / known / default Dir names
- Check them (if they exist of course). It could be fast this way, but
also could miss some.
Anyway, here are the new Outputs I propose:
---
-- @output
--- Default behavior
-- PORT   STATE SERVICE
-- 21/tcp open  ftp
-- | ftp-anon: Anonymous FTP login allowed (FTP code 230)
-- |_(you can test Read/Write with --script-args rw=test)
--
--
-- Is writeable, but something occurred when trying to clean our tracks
-- 21/tcp open  ftp
-- | ftp-anon: Anonymous FTP login allowed (FTP code 230) (Writeable)
-- |_/!\ WARNING : we may have left a directory behind us, unable to remove it ! (FTP code 500)
--
--
-- Is readable
-- 21/tcp open  ftp
-- |_ftp-anon: Anonymous FTP login allowed (FTP code 230) (Readable)

Note that in Default Behavior I suggest the args option to the user.
Nothing to do with the topic, but I've noticed that around me some users
are not really aware of script arguments, or forget that they exist
for a given script.

A.G

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
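
The first option discussed in the message above (walk the listing with a depth and max-dir bound, and report any probe directory that could not be removed), as an added Python sketch that is not the NSE script posted to the list. Assumptions: the client exposes the ftplib.FTP methods mkd, rmd and mlsd (MLSD is used in place of parsing LIST output); audit_writable, FakeFTP, demo and the probe name are hypothetical, and the directory tree is constructed.

```python
import ftplib
from collections import deque

def audit_writable(ftp, max_depth=2, max_dirs=50, probe="rw_probe_tmp"):
    """Return (writable dirs, probe dirs left behind, number of dirs visited)."""
    writable, leftovers, visited = [], [], 0
    queue = deque([("/", 0)])
    while queue and visited < max_dirs:      # max_dirs caps total work
        path, depth = queue.popleft()
        visited += 1
        target = path.rstrip("/") + "/" + probe
        try:
            ftp.mkd(target)
        except ftplib.error_perm:
            pass                             # 5xx reply: not writable here
        else:
            writable.append(path)
            try:
                ftp.rmd(target)
            except ftplib.error_perm:
                leftovers.append(target)     # cleanup failed: warn the user
        if depth >= max_depth:               # max_depth caps how deep we list
            continue
        try:
            entries = list(ftp.mlsd(path))
        except ftplib.error_perm:
            continue                         # listing refused for this dir
        for name, facts in entries:
            if facts.get("type") == "dir":
                queue.append((path.rstrip("/") + "/" + name, depth + 1))
    return writable, leftovers, visited

class FakeFTP:
    """Constructed stand-in for ftplib.FTP so the walk runs offline."""
    def __init__(self, tree, writable, sticky=()):
        self.tree, self.writable, self.sticky = tree, set(writable), set(sticky)
    def mlsd(self, path):
        return [(n, {"type": "dir"}) for n in self.tree.get(path, [])]
    def mkd(self, target):
        if (target.rsplit("/", 1)[0] or "/") not in self.writable:
            raise ftplib.error_perm("550 Permission denied")
    def rmd(self, target):
        if (target.rsplit("/", 1)[0] or "/") in self.sticky:
            raise ftplib.error_perm("500 RMD refused")

def demo():
    tree = {"/": ["pub", "incoming"], "/pub": ["deep"], "/pub/deep": ["deeper"]}
    ftp = FakeFTP(tree, ["/incoming", "/pub/deep/deeper"], sticky=["/incoming"])
    return audit_writable(ftp, max_depth=2, max_dirs=10)
```

In the constructed tree, /pub/deep/deeper is writable but sits below max_depth, so the bounded walk does not report it; that is the same coverage-versus-time trade-off the message raises for both approaches.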
