lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200405061453.07032.noamr@beyondsecurity.com>
Date: Thu, 6 May 2004 14:53:07 +0300
From: Noam Rathaus <noamr@...ondsecurity.com>
To: Gene Ken <gken@....sina.com>
Cc: Aviram Jenik <aviram@...ondsecurity.com>,
	bugtraq@...urityfocus.com
Subject: Re: Titan FTP Server Aborted LIST DoS


On Friday 07 May 2004 05:19, Gene Ken wrote:
> Hi Aviram,
>
>    I have some trouble with the testing of current exploit, the below
> is my tested procedure:
>
> 1) In my test bed, the host side is winxp professional with ip_addr
> 192.168.0.2 (english, 5.1 build 2600), and the client side is redhat linux
> 9 using NAT in
>    Vmware Workstation 4.5.1 build-7568 with ip_addr 192.168.92.3.
>
> 2) I have successfully Titan Ftp Server v3.01 Build 163 installed on Winxp
> Pro platform. also the perl script u mentioned in ur article has
> successfully executed like as the below:
>
> /* on my redhat box, i use ftp to verify if the titan ftp server is
> running, the
>     result is the info as below: */
>
> [gken@rh9 gken]$ ftp 192.168.0.2
> Connected to 192.168.0.2 (192.168.0.2).
> 220 Titan FTP Server 3.01.163 Ready.
> Name (192.168.0.2:gken): gken
> 331 User name okay, need password.
> Password:
> 230-Welcome gken from 192.168.0.2. You are now logged in to the server.
> 230 User logged in, proceed.
> Remote system type is UNIX.
> Using binary mode to transfer files.
>
> /* executing titan.pl script */
> [gken@rh9 gken]$ perl titan.pl
> Combination:
> cannot connect to ftp daemon on 192.168.0.2 at titan.pl line 22.
>
>
>     how to tackle this? thx in advance!
>
>
Hi,

The perl script written is hardcoded to port 2112, which is probably not the 
port number your Titan FTP server listens on, modify this number with your 
FTP Server port number (the default value is 21).

-- 
Thanks
Noam Rathaus
CTO
Beyond Security Ltd.

Join the SecuriTeam community on Orkut:
http://www.orkut.com/Community.aspx?cmm=44441


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ