From a5c0d16ec81bb0bffb9edd24c93b64f134685f9b Mon Sep 17 00:00:00 2001 From: CPol Date: Wed, 31 Mar 2021 10:24:54 +0000 Subject: [PATCH] GitBook: [master] 4 pages modified --- misc/references.md | 4 ---- pentesting/pentesting-ftp/README.md | 6 +++--- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/misc/references.md b/misc/references.md index e89101dc7..1e307ff24 100644 --- a/misc/references.md +++ b/misc/references.md @@ -2,8 +2,6 @@ {% embed url="https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/\#python-tty-shell-trick" %} -{% embed url="https://rmusser.net/docs/Privilege%20Escalation%20&%20Post-Exploitation.html" %} - {% embed url="https://hausec.com/pentesting-cheatsheet/\#\_Toc475368982" %} {% embed url="https://anhtai.me/pentesting-cheatsheet/" %} @@ -16,8 +14,6 @@ {% embed url="https://chryzsh.gitbooks.io/pentestbook/basics\_of\_windows.html" %} -{% embed url="http://www.0daysecurity.com/penetration-testing/enumeration.html" %} - {% embed url="https://github.com/wwong99/pentest-notes/blob/master/oscp\_resources/OSCP-Survival-Guide.md" %} {% embed url="https://anhtai.me/oscp-fun-guide/" %} diff --git a/pentesting/pentesting-ftp/README.md b/pentesting/pentesting-ftp/README.md index 21d617e0b..81ace5bda 100644 --- a/pentesting/pentesting-ftp/README.md +++ b/pentesting/pentesting-ftp/README.md @@ -82,7 +82,7 @@ Source: [https://www.thesecuritybuddy.com/vulnerabilities/what-is-ftp-bounce-att ### Anonymous login _anonymous : anonymous -anonymous : +anonymous : ftp : ftp_ ```bash @@ -110,7 +110,7 @@ Anon login and bounce FTP checks are perform by default by nmap with **-sC** opt ## Browser connection -You can connect to a FTP server using a browser \(like Firefox\) using a URL like: +You can connect to a FTP server using a browser \(like Firefox\) using a URL like: ```bash ftp://anonymous:anonymous@10.10.10.98 @@ -149,7 +149,7 @@ Some FTP servers allow the command PORT. This command can be used to indicate to [**Learn here how to abuse a FTP server to scan ports.**](ftp-bounce-attack.md)\*\*\*\* -You could also abuse this behaviour to make a FTP server interact with other protocols. You could **upload a file containing an HTTP request** and make the vulnerable FTP server **send it to an arbitrary HTTP server** \(_maybe to add a new admin user?_\) or even upload a FTP request and make the vulnerable FTP server download a file for a different FTP server. +You could also abuse this behaviour to make a FTP server interact with other protocols. You could **upload a file containing an HTTP request** and make the vulnerable FTP server **send it to an arbitrary HTTP server** \(_maybe to add a new admin user?_\) or even upload a FTP request and make the vulnerable FTP server download a file for a different FTP server. The theory is easy: 1. **Upload the request \(inside a text file\) to the vulnerable server.** Remember that if you want to talk with another HTTP or FTP server you need to change lines with `0x0d 0x0a`