Nmap Development mailing list archives
Re: simulating FTP bounce attack using nmap
From: majek04 <majek04+nmap-dev () gmail com>
Date: Fri, 31 Aug 2007 13:47:43 +0200
On 8/31/07, Mbzaman L <query.security () gmail com> wrote:
Greeting All, I am trying to simulate the old FTP bounce attack . This is an old attack and I believe most of the FTP servers available today are not prone to such type of attacks. I am using vsftpd package for implementing FTP server . Also using anonymous user I can upload files to the FTP server. The FTP server also supports passive mode as the following commands shows...
Well, unfortunately anonymous user + PASV + upload is not enough for ftp server to allow ftp bounce. The server must allow "PORT" command with ip different than yours. You can look at my NSE script for finding ftp bounce servers: http://ai.pjwstk.edu.pl/~majek/private/nmap/ftpbounce.lua In my script the key ftp command is (ip specified below is scanme.insecure.org): PORT 205,217,153,62,80,80\r\n Chers! Marek Majkowski _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- simulating FTP bounce attack using nmap Mbzaman L (Aug 31)
- Re: simulating FTP bounce attack using nmap majek04 (Aug 31)