mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-15 09:27:32 +00:00
GitBook: [#3530] No subject
This commit is contained in:
parent
10540279bb
commit
8c14e7e327
1 changed files with 20 additions and 19 deletions
|
@ -133,25 +133,6 @@ Anon login and bounce FTP checks are perform by default by nmap with **-sC** opt
|
||||||
nmap --script ftp-* -p 21 <ip>
|
nmap --script ftp-* -p 21 <ip>
|
||||||
```
|
```
|
||||||
|
|
||||||
### Post-Exploitation
|
|
||||||
|
|
||||||
The default configuration of vsFTPd can be found in `/etc/vsftpd.conf`. In here, you could find some dangerous settings:
|
|
||||||
|
|
||||||
* `anonymous_enable=YES`
|
|
||||||
* `anon_upload_enable=YES`
|
|
||||||
* `anon_mkdir_write_enable=YES`
|
|
||||||
* `anon_root=/home/username/ftp` - Directory for anonymous.
|
|
||||||
* `chown_uploads=YES` - Change ownership of anonymously uploaded files
|
|
||||||
* `chown_username=username` - User who is given ownership of anonymously uploaded files
|
|
||||||
* `local_enable=YES` - Enable local users to login
|
|
||||||
* `no_anon_password=YES` - Do not ask anonymous for password
|
|
||||||
* `write_enable=YES` - Allow commands: STOR, DELE, RNFR, RNTO, MKD, RMD, APPE, and SITE
|
|
||||||
|
|
||||||
### Shodan
|
|
||||||
|
|
||||||
* `ftp`
|
|
||||||
* `port:21`
|
|
||||||
|
|
||||||
## Browser connection
|
## Browser connection
|
||||||
|
|
||||||
You can connect to a FTP server using a browser (like Firefox) using a URL like:
|
You can connect to a FTP server using a browser (like Firefox) using a URL like:
|
||||||
|
@ -226,8 +207,28 @@ Anyway, here you have an [old example about how to abuse this to make a FTP serv
|
||||||
ftpusers
|
ftpusers
|
||||||
ftp.conf
|
ftp.conf
|
||||||
proftpd.conf
|
proftpd.conf
|
||||||
|
vsftpd.conf
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Post-Exploitation
|
||||||
|
|
||||||
|
The default configuration of vsFTPd can be found in `/etc/vsftpd.conf`. In here, you could find some dangerous settings:
|
||||||
|
|
||||||
|
* `anonymous_enable=YES`
|
||||||
|
* `anon_upload_enable=YES`
|
||||||
|
* `anon_mkdir_write_enable=YES`
|
||||||
|
* `anon_root=/home/username/ftp` - Directory for anonymous.
|
||||||
|
* `chown_uploads=YES` - Change ownership of anonymously uploaded files
|
||||||
|
* `chown_username=username` - User who is given ownership of anonymously uploaded files
|
||||||
|
* `local_enable=YES` - Enable local users to login
|
||||||
|
* `no_anon_password=YES` - Do not ask anonymous for password
|
||||||
|
* `write_enable=YES` - Allow commands: STOR, DELE, RNFR, RNTO, MKD, RMD, APPE, and SITE
|
||||||
|
|
||||||
|
### Shodan
|
||||||
|
|
||||||
|
* `ftp`
|
||||||
|
* `port:21`
|
||||||
|
|
||||||
## HackTricks Automatic Commands
|
## HackTricks Automatic Commands
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
Loading…
Reference in a new issue