|
Nmap Development
mailing list archives
Re: simulating FTP bounce attack using nmap
From: majek04 <majek04+nmap-dev () gmail com>
Date: Fri, 31 Aug 2007 13:47:43 +0200
On 8/31/07, Mbzaman L <query.security () gmail com> wrote:
Greeting All,
I am trying to simulate the old FTP bounce attack . This is an old
attack
and I believe most of the FTP servers available today are not prone to
such
type of attacks.
I am using vsftpd package for implementing FTP server . Also using
anonymous user I can
upload files to the FTP server. The FTP server also supports passive
mode as the following
commands shows...
Well, unfortunately anonymous user + PASV + upload is not enough for
ftp server to allow ftp bounce.
The server must allow "PORT" command with ip different than yours.
You can look at my NSE script for finding ftp bounce servers:
http://ai.pjwstk.edu.pl/~majek/private/nmap/ftpbounce.lua
In my script the key ftp command is (ip specified below is scanme.insecure.org):
PORT 205,217,153,62,80,80\r\n
Chers!
Marek Majkowski
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
| 
Intro
