How to crack an FTP server (easy with video/images)Penetration Testing and Ethical Hacking Course

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Home Forums Courses Penetration Testing and Ethical Hacking Course How to crack an FTP server (easy with video/images)

This topic contains 15 replies, has 15 voices, and was last updated by  ultimatex2049x scipt kiddie 1 year, 11 months ago.

Viewing 16 posts - 1 through 16 (of 16 total)
  • Author
    Posts
  • #14508

    Anonymous

    OK guys,

    Simple tutorial which will show you how to crack an FTP server, often which can evade the need to hack an actual web server too!

    A simple bit of info about FTP servers for anyone who doesn’t know:

    FTP (File Transfer protocol) is a service which enables the sharing of files online and across a network, generally but not restricted to port 21. You can access it via a web browser, command line, or other software application. Generally you will need to login as the files and services are for private/business use and each user are given specific rights or privileges as to what they can do (ie; read access, would you believe only allows to view files, read/write access allows them to read, and write/upload/modify files etc) and this becomes very important when hacking. Despite often needing to login, there is sometimes an annonymous account enabled (guest account) and that’s what we’ll come to now.

    Anonymous access:

    You’d be surprised at how often one can gain anonymous access to a FTP server, often this is restricted to “read only” access which still lets you snoop on there files. Sometimes you’ll get lucky and they allow read/write access in an anonymous account (often a misconfiguration, lack of security understanding, or for ease of use often in educational sectors).

    So, how do you login anonymously? well there are two ways (or more if you have additional software) that is, via your web browser or command line, but for the scope of the tutorial I’ll demonstrate via cmd. So now I’ll quickly search online for an FTP server…. OK so I chose an uni as an example, and in the command line I put:

    ftp ftp.csx.cam.ac.uk
    and in login I put: user:
    anonymous
    pass
    ie@blah

    This logged me in, and the reason it’s best going via console is you have more options and flexibility, note: given the way this is setup, you could just directly access it via ftp://ftp.csx.cam.ac.uk/

    Screenshot:
    screen

    Now that’s all well and good, I can now view all the files, read them, download them etc, which MAY be all I need, but hey we’re hackers and we want more right? OK…

    So now, as a demonstration in the pic I’ve shown we, unfortunately only have WRITE access 🙁

    screen status

    Now as aforementioned, SOMETIMES you’ll get lucky and have full read/write access just from an anonymous account (trust me it does happen) but then, sometimes there isn’t an anonymous account at all, so then what? well simply put, you’ll need an account one way or another which often isn’t too hard with ftp servers. Usually you’ll find the password is there email address, and username is something appropriate, ie:

    user: johndoe
    pass: john.doe@noobs.com

    But it’s not always the case, and when social engineering and info gathering fails, then what, CRACKING time, yes you heard me.

    So, this is where you’ll want to crack the account of the target, there are a few FTP crackers but most just plain don’t work. I made one myself which is open source, got great reviews off people who tried it, and was featured in PenTest magazine!
    Here is a video of it in action (Watch from 8:20)

    As demonstrated in the video, this performs a completely customizable and upgradable FTP dictionary attack in order to crack the username and password and so far has had zero false positives.

    This can be downloaded here (part of 2013 security tool kit

    OK, I’ve got access, now what?

    Really? well the world is now your oyster, you can do pretty much whatever you want!

    #14509

    Ξ B ☢ B Ξ
    Participant

    Good post…… also, if you are able to sniff the FTP traffic you will see passwords and usernames are in clear text….

    Thanks @dreamwalker

    #14597

    coldking
    Participant

    Cool tutorial. I remember I had a friend who used to use FTP hacking to mess with people Minecraft servers.

    #14931

    Kn1ghtM@r3
    Participant

    Nice Tutorial

    #15027

    Chambo
    Participant

    @dreamwalker, detailed post thanks!

    Btw, have you thought about adding content to OP3N to reach a wider audience?
    https://www.cybrary.it/cybrary-0p3n/ethical-hacking-member-contributed-content/

    – Chambo

    #15102

    Jeriko
    Participant

    Awesome! FTP infiltration can be a major problem if you have unrestricted access, via able to upload backdoors, rootkits, etc.

    #24326

    Anonymous

    @Dreamwalker- so once you drop the file on the FTP server how do you execute it?

    #24626

    Anonymous

    @jeriko -without access to execute the exploit from a URI perspective how would you execute the payload once its dropped on the server

    #25433

    KaalBhairav
    Participant

    Nice Article, you should add it to OP3N

    #25528

    ghostshellgnome
    Participant

    Great article, very well written and informative. I am with everyone else who has recommended you put it on OP3N.

    #25552

    Nilesh Soni
    Participant

    Great artical

    #25593

    BeNe
    Participant

    What does this post has todo with “crack an FTP” ?
    You connect via anonymous and that´s it ? Sorry…
    The BruteForce part is ok but also more the last way and not clever hacking.

    The youtube video is down.

    #26676

    dxpy
    Participant

    FTP

    #86576

    MounaMacs
    Participant

    “OK, I’ve got access, now what?
    Really? well the world is now your oyster, you can do pretty much whatever you want! ”

    How would you go further to gain a reverse shell from the OS? I can login to ftp, and upload files, but how to trigger it to connect out, ftp doesn’t has a run command, and when I access the file from the web browser, it simply offers the shells as files to download…

    The only port open is ftp.

    Any idea from anyone?

    #106303

    maaz4
    Participant

    can u pls tell me any way to sniff??

    #115330

    another way is to use the Cain and Abel utility and launch a sniffer to sniff out the username and password for you

Viewing 16 posts - 1 through 16 (of 16 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel