Over the past few weeks, Corelan Team has given its undivided attention to fuzzing ftp client applications. Using a custom built ftp client fuzzer, now part of the Metasploit framework, the team has audited several ftp clients and applications that use an embedded client ftp component. One example of such an application is a tool that would synchronize / backup data from a computer to a remote ftp server. The 3 main audit/attack vectors that were used during the "project" were send back overly long responses to ftp commands / requests sent by the ftp client to the server send back a file/directory listing that contains overly long file/folder names try to download a file that has an overly long filename. Read more