So a big question we seem to be getting is "How do I use this exploit. It keeps giving me errors". Well I'm going to attempt to help you answer this question. This will be a short guide on what to do when your exploit fails. I'll be showing how to install wireshark on *nix(Arch Linux to be exact). I'll be using metasploit in this guide considering that's mainly what people use. This isn't limited to metasploit though.


Alright first thing we do is install wireshark. I'm using Arch so I'll be using pacman but use whatever installer fits you.

This will install the GUI version of wireshark. To install the CLI:


Now we need to set it up so you can use wireshark without being a super user.

Just change chronic to your username. Now that we have it set up we continue.

Now lets say the exploit I want to use is:
ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)
http://www.metasploit.com/modules/explo ... p_sreplace

Now lets get metasploit all set up

Now if we do this right we should get something like this(assuming an error occurred):

So unfortunately we get an error. Now heres what we're going to do. First load up wireshark
Now we start a capture on our card(wlan0). Now lets type exploit again. Same error. But now we can stop the capture on wireshark and see what we get. Let's look for something that has source: your RHOST and the Destination as your IP. We check out the Info and see what went down. We see something like this:

So we see that is an FTP packet sent from the server to us. Now lets keep looking. We can see some packets with this info:

Then we see something like



So we can conclude this exploit requires correct credentials or anonymous login which it doesn't support. That is the source of our problem.

If we dissect the packet a bit we can see in the

Section that we have this:

Which means metasploit is sending USER anonymous + a carriage return and a newline; verifying this exploit requires correct login credentials.

--chroniccommand