September 19, 2008 at 6:01 pm #2860scucciParticipant
I posted a recent topic regarding securing FTPand now I’m curious in finding a way to hack my FTP server. I want to see if this is possible and learn how to protect it. Are there any known methods or tools that you recomend? I know that FTP sends all data (credentials/files) in clear text, and I want to show this to management.
Also is there a non-intrusive way to secure FTP from a users point of view? We still want them to loging to FTP via their browser or client without having to install any software on their side?
September 19, 2008 at 7:24 pm #19860
September 19, 2008 at 7:27 pm #19861Michael J. ConwayParticipant
A favorite tool if you are using a Windows PC is Cain & Able. Good Windows Swiss Army knife type tool.
September 20, 2008 at 1:42 am #19862scucciParticipant
I guess I didn’t make myself that clear in the last post, its kinda of a 2 part question.
1. I know that FTP is not secure and I want to try and crack our current FTP site. I’m currently researching ways to do this. I was wanted to know how to view data and credentials as they’re going on the wire. I’ve read that it passes data in clear text, so i wanted to try and capture this. Is this only possible internally or can this be done externally from the network.
2. Secondly, since FTP does pass everything in clear text I wanted to know a few solutions to secure FTP that wouldn’t require a different experience from the users. Is this possible to do without having them download a different client or accessing in a different way.
September 20, 2008 at 3:15 am #19863Michael J. ConwayParticipant
If you are running Cain on your box, it can intercept FTP credentials. Wireshark will give you a raw view of the traffic. Try looking into SFTP. Good luck.
October 17, 2008 at 3:42 pm #19864wishiParticipant
Why not reverse the client’s source a bit. Most times there’s a off-by-one or other option to exploit it.
Hydra – guess it’s just not my style. You could try Medusa or John, or even CUDA API in C – and speed this up as long as you know whether the policy isn’t harmed, causing logfiles. Therefore footprint that before you start anything.
September 2, 2010 at 3:19 pm #19865Dave 1Participant
I need a hacker to gain access to my websites ftp details. a host is with holding them from me. but I need it doing before tommorrow 12 noon.
September 2, 2010 at 3:34 pm #19866
September 2, 2010 at 3:55 pm #19867Dave 1Participant
Is it illegal if its my website?
September 2, 2010 at 4:56 pm #19868caissydParticipant
a host is with holding them from me
Why does this host holding your FTP site?
You can hack your own stuff in your own lab with tools you own, but other than that, you would need a written permission to do a pentest. And if someone is holding your web site against you, he would probably not sign anything…
October 31, 2011 at 8:09 am #19869White ghostParticipant
You can hack the ftp server with ncrack
ncrack is a backtrack linux tool (and back track is a linux distribution for pentration test its free) but you can download ncrack for windows
its a command line application and here is the example of it
ncrack -v –user admin 192.168.10.1:21
October 31, 2011 at 9:29 am #19870AnonymousParticipant
All the above methods would work fine. Most people would try brute force the account if there was no lock out using hydra or another tool. Using wireshark would work too as long you had access to the network to sniff the traffic this would be the most effect as FTP is not a secure protocol and transfer everything in plain text.
October 31, 2011 at 2:06 pm #19871TribanParticipant
Careful WhiteGhost, we had another user come in and look for someone to hack a site for them that wasn’t the OP.
But to the OP, what you may want to prove is that the FTP site is seceptible to a Man-in-the-middle attack since FTP uses cleartext credentials. Explain to them that SFTP is the prefered method of transfering files to customers and partners. It is run over a Secure Shell (SSH) session which utilizes an encrypted tunnel. The cost is low for implmenting a SFTP solution.
And yes the best way to show them is the use of a sniffer and a tool lilke Cain. Ha! you can get elaborate and utlize the SET to clone the FTP site and show them how someone can socially engineer users to gain access to their credentials 😀
November 9, 2011 at 2:42 am #19872ev0wpnzParticipant
FTP is an inherently insecure protocol due to the fact that it uses plain-text and allows anonymous logins. There are also a lot of the FTP applications that are vulnerable to remote exploitation. An example of one vulnerable application would be wu-ftpd. I think 3xban did a great good of answering your question an I mostly just reiterating what he said. Performing an Man-in-the-middle using ARP poisoning and using something like ettercap/cain&able to grab the credentials as someone logs into them would be the simplest way. You could aslo exploit the service although this does not prove that the protocol itself is insecure just the particular application your using.
Here is a good video on Man-in-the-middle:
Feel free to message me if you have any more questions.
- You must be logged in to reply to this topic.