What is ideal Exploit to exploit Pure-FTPd FTP server?Penetration Testing and Ethical Hacking Course

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Home Forums Courses Penetration Testing and Ethical Hacking Course What is ideal Exploit to exploit Pure-FTPd FTP server?

This topic contains 5 replies, has 6 voices, and was last updated by  xx6d 4 years, 1 month ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #19911

    apocalypse0
    Participant

    Hello.
    Here are below the result received after scanning the web application:

    Nmap:          PORT         STATE       SERVICE              VERSION
    [*] Nmap:     21/tcp        open          ftp                Pure-FTPd

    I wonder if anyone know of a great Exploit to operate the FTP server (Pure-FTPd) found above open when scanning with Nmap?
    What Exploit can you advise me please who can help me to operate the FTP server (Pure-FTPd) open ???

    Thank you to answer me please.

    #19913

    WFrosty
    Participant

    Check if there is an ‘Anonymous’ account open

    #19931

    Johan Grotherus
    Participant

    A quick search in the exploit database makes for two possibilities, see the following link:

    https://www.exploit-db.com/search/?action=search&description=Pure-FTP&e_author=

    As always, make sure you have permission to attack the target before doing so.

    #21122

    dxpy
    Participant
    #21147

    ksanchez
    Participant

    You also need to know the version (-A) of the service you want to exploit in order to know if you can exploit a vulnerability. You could compare the result of Nmap with Online/Offline Exploit Database.

    Other ways are missconfiguration. and you can figure it out with a good Vulnerability Web Scanner.

    If you want to know more in deep about how it works, you can see this documents i’m creating and posting to my Github Account. https://github.com/ksanchezcld/CISSP-CEH. i’m actually working with new version of this docs, to upload in a few days.

    Regards.

    • This reply was modified 4 years, 10 months ago by  ksanchez.
    • This reply was modified 4 years, 10 months ago by  ksanchez.
    #58694

    xx6d
    Participant

    we can not hacked it

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel