Death of an ftp client / Birth of Metasploit modules

Over the past few weeks, Corelan Team has given its undivided attention to fuzzing ftp client applications.

Using a custom built ftp client fuzzer, now part of the Metasploit framework, the team has audited several ftp clients and applications that use an embedded client ftp component. One example of such an application is a tool that would synchronize / backup data from a computer to a remote ftp server.

The 3 main audit/attack vectors that were used during the “project” were

send back overly long responses to ftp commands / requests sent by the ftp client to the server
send back a file/directory listing that contains overly long file/folder names
try to download a file that has an overly long filename.
Continue reading

Fuzzing with Metasploit : Simple FTP fuzzer

Just wanted to drop a quick note about the release of another free script. This time I’ve written a simple FTP fuzzer (with a little help from HDMoore) in Metasploit. You can read more about it (and download the script) at This is why I like Metasploit so much… :-) Update : after running […]

Fixing Exchange 2007 Offline Address Book generation (oalgen) and distribution issues

Today, I’m going to share some ‘notes from the field’ about fixing oab issues in Exchange 2007 In order to fully understand the oab generation and distribution process, I will assume that you are running the Mailbox server role and HUB/CAS server roles on different servers. Of course, this is not a requirement to run […]

IPSec VPN between Windows Server 2008 and Juniper ScreenOS

In this blog post, I will show you how to set up a IPSec VPN tunnel between a Windows Server and a Juniper ScreenOS based firewall and route traffic between hosts that are located behind these 2 VPN gateways. The Windows Server will acts as a gateway to build a VPN tunnel towards the Juniper […]

Free tool – Free POP3 Collector

Keywords : Free generic POP3 collector for Microsoft Exchange 2000 Exchange 2003 Exchange 2007 Lotus Domino Server download email from POP3 and forward to SMTP server Over the last 12 years, I have created multiple email addresses hosted with various Internet Providers, or other companies. I’m still using some of those addresses, and my wife […]

Outlook 2007 unable to download Offline Address Book – error 0X8004010F and 0X80190194

I used to run Exchange 2003 in my test lab. After adding a new 2007 Server (HUB, CAS and Mail) in my AD and moving the mailboxes to the 2007 server, I started seeing problems in my Outlook 2007 client that is using cached exchange mode. Under ‘Sync Issues’ I noticed an error about the […]

Restoring 2003 AD Objects using Windows 2008 Server

Anyone managing an Active Directory knows about the administrative troubles and work that can be caused when an object (such as a user) gets deleted.  The admin needs to either restore the object, and then manually fill out the attributes (such as password, group membership and so on), or restore a backup of the ntds.dit […]

Demand Global Change

The world needs your help !

Please take a few moments to read the "Demand Global Change Call For Action" document at
Read the full document at and share the message with as many people as possible.

Like the Facebook page, and SHARE it with everyone you know.


Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?

Your donation will help funding server hosting.

Protected by Copyscape Web Plagiarism Tool

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan Live training

Since 2011, Corelan GCV has been teaching live win32 exploit dev classes at various security cons and private companies & organizations.

You can read more about the training and schedules here

Corelan on IRC

You can chat with us and our friends on #corelan (freenode IRC)