EuroTrashSecurity Website

Updated: IIS-FTP Nmap Script

Yesterday, I posted an article about a Nmap script to detect potentially vulnerable Microsoft IIS FTP servers.
I updated the script which now allows an alternative FTP user and password pair to be passed via the command line (thanks to Chris for the comment). If no arguments are provided, an anonymous FTP session will be started.
Example:

# [...]

September 1st, 2009 | Tags: , , , , | Category: OS, Security, Software | 4 comments

Detecting Vulnerable IIS-FTP Hosts Using Nmap

A new 0-day exploit for the FTP server included within the Microsoft IIS suite has been released today. Check the post on the Full Disclosure mailing list for more details.
Based on an existing Nmap script, I quickly wrote a new one which performs the following actions:

Check if anonymous sessions are allowed.
Check if the detected FTP [...]

September 1st, 2009 | Tags: , , , , | Category: OS, Security, Software | 10 comments