RTSblue

Ok i got into a ftp server

36 posts in this topic

http://www.milw0rm.com/exploits/2856

ProFTPD 1.3.0 stack overflow

You might actually need a valid user/pass wouldn't know skimmed the code.

http://securitydot.net/search/exploits/vul...4+exploits.html

apache 2.0.54 exploits

etc..

Google?

wtf is that

:glare:

See, this is exactly why you shouldn't have made that bet.

Look, I don't mean to be elitist/snobby in any way, but I mean it says it right on the page:

# vd_proftpd.pm - Metasploit module for ProFTPD stack overflow

...and then it goes into paragraphs explaining what it is. Not understanding the paragraphs and asking us about them is one thing. That's okay. But if you're not even going to bother clicking the link and reading the page before you ask "wtf" it is, then please stop posting and wasting our communal time. And for the record, the exploit wouldn't of been of use anyways, because you need to have logged into the FTP server for this to work.

Noooooooooooo really i read that i dont know to to run that program or script.

I haven't used metasploit in a looooong while, but I thought it was just a matter of copying the script file over to their exploits folder?

0

Share this post


Link to post
Share on other sites

Aside from exploiting server vulnerabilities, or bruteforcing through the basic user/pass combos (you know "god" "sex" "love" "hate")

You forgot "secret". :D

0

Share this post


Link to post
Share on other sites

Aside from exploiting server vulnerabilities, or bruteforcing through the basic user/pass combos (you know "god" "sex" "love" "hate")

You forgot "secret". :D

Are you on crack

0

Share this post


Link to post
Share on other sites

Aside from exploiting server vulnerabilities, or bruteforcing through the basic user/pass combos (you know "god" "sex" "love" "hate")

You forgot "secret". :D

Are you on crack

God sex love and secret are (or were) the most common passwords (as noted in the movie "hackers") although now i would say they are "password" "secret" "mypassword" and *username*

how exactally did you get to a conversation which ended in this bet?

0

Share this post


Link to post
Share on other sites

Isn't proftpd more likely to be found running on a *nix server than a Windows box? I know it can be compiled under Windows, if nothing else, under Cygwin, but this seems unnecessary when there are several reasonably good ftp servers for Windows out there, for free. Are you sure this is running on a personal box? If it's not, and it's on a colocated server, or worse yet, a commercial shared server, breaking into it is probably a very bad idea. Personal boxes are one thing, as the person owning it can do anything to it they want, and subsequently give you the permission to do anything to it, but especially shared servers are /not/ governed by the user's decision as to what they want to allow to happen to it! A large commercial server probably also runs some sort of IDS, or at least has sysadmins that would detect someone trying to break in brute-force style.

The -O option for nmap will give you the OS of the machine you're scanning...I'd double-check and make sure this is actually a personal box.

0

Share this post


Link to post
Share on other sites

Gee, imagine port 21 being open for FTP (hint: THATS WHAT PORT IT RUNS ON).

0

Share this post


Link to post
Share on other sites

you know "god" "sex" "love" "hate" !

Sounds like sb. likes the movie "Hackers" ;).

HaNoCr

:P

0

Share this post


Link to post
Share on other sites

what means when port is filtred?

blocked by either isp or firewall.

something is running possibly, and whatever goes there is being filtered, its the meaning of the word really.

google define:filter

Definitions of filter on the Web:

* remove by passing through a filter; "filter out the impurities"

* device that removes something from whatever passes through it

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now