How to hack FTP?

Viewing 13 reply threads
  • Author
    Posts
    • #2860
      scucci
      Participant

      I posted a recent topic regarding securing FTPand now I’m curious in finding a way to hack my FTP server. I want to see if this is possible and learn how to protect it. Are there any known methods or tools that you recomend? I know that FTP sends all data (credentials/files) in clear text, and I want to show this to management.

      Also is there a non-intrusive way to secure FTP from a users point of view? We still want them to loging to FTP via their browser or client without having to install any software on their side?

      Thanks,

      Scucci

    • #19860
      BillV
      Participant

      Sniffing – Wireshark
      Logon Attack – THC-Hydra

      And you could always exploit the software running the FTP service.

      I’m not sure I understand your other question. You would secure your FTP service on the server side….

      BillV

    • #19861
      Michael J. Conway
      Participant

      A favorite tool if you are using a Windows PC is Cain & Able. Good Windows Swiss Army knife type tool.

    • #19862
      scucci
      Participant

      I guess I didn’t make myself that clear in the last post, its kinda of a 2 part question.

      1. I know that FTP is not secure and I want to try and crack our current FTP site. I’m currently researching ways to do this. I was wanted to know how to view data and credentials as they’re going on the wire. I’ve read that it passes data in clear text, so i wanted to try and capture this. Is this only possible internally or can this be done externally from the network.

      2. Secondly, since FTP does pass everything in clear text I wanted to know a few solutions to secure FTP that wouldn’t require a different experience from the users. Is this possible to do without having them download a different client or accessing in a different way.

      thanks again,

      matt

    • #19863
      Michael J. Conway
      Participant

      If you are running Cain on your box, it can intercept FTP credentials. Wireshark will give you a raw view of the traffic. Try looking into SFTP. Good luck.

    • #19864
      wishi
      Participant

      Why not reverse the client’s source a bit. Most times there’s a off-by-one or other option to exploit it.

      Hydra – guess it’s just not my style. You could try Medusa or John, or even CUDA API in C – and speed this up as long as you know whether the policy isn’t harmed, causing logfiles. Therefore footprint that before you start anything.

      Have fun,
      wishi

    • #19865
      Dave 1
      Participant

      I need a hacker to gain access to my websites ftp details. a host is with holding them from me.  but I need it doing before tommorrow 12 noon.

    • #19866
      caissyd
      Participant

      @Dave 1: This is an ETHICAL hacker site. We don’t do illegal stuff here.

    • #19867
      Dave 1
      Participant

      Is it illegal if its my website?

    • #19868
      caissyd
      Participant

      a host is with holding them from me

      Why does this host holding your FTP site?

      You can hack your own stuff in your own lab with tools you own, but other than that, you would need a written permission to do a pentest. And if someone is holding your web site against you, he would probably not sign anything…

    • #19869
      White ghost
      Participant

      You can hack the ftp server with ncrack
      ncrack is a backtrack linux tool (and back track is a linux distribution for pentration test its free) but you can download ncrack for windows
      its a command line application and here is the example of it

      ncrack -v –user admin 192.168.10.1:21

    • #19870
      Anonymous
      Participant

      All the above methods would work fine. Most people would try brute force the account if there was no lock out using hydra or another tool. Using wireshark would work too as long you had access to the network to sniff the traffic this would be the most effect as FTP is not a secure protocol and transfer everything in plain text.

    • #19871
      Triban
      Participant

      Careful WhiteGhost, we had another user come in and look for someone to hack a site for them that wasn’t the OP. 

      But to the OP, what you may want to prove is that the FTP site is seceptible to a Man-in-the-middle attack since FTP uses cleartext credentials.  Explain to them that SFTP is the prefered method of transfering files to customers and partners.  It is run over a Secure Shell (SSH) session which utilizes an encrypted tunnel.  The cost is low for implmenting a SFTP solution.

      And yes the best way to show them is the use of a sniffer and a tool lilke Cain.    Ha! you can get elaborate and utlize the SET to clone the FTP site and show them how someone can socially engineer users to gain access to their credentials 😀

    • #19872
      ev0wpnz
      Participant

      scucci,
      FTP is an inherently insecure protocol due to the fact that it uses plain-text and allows anonymous logins. There are also a lot of the FTP applications that are vulnerable to remote exploitation. An example of one vulnerable application would be wu-ftpd. I think 3xban did a great good of answering your question an I mostly just reiterating what he said. Performing an Man-in-the-middle using ARP poisoning and using something like ettercap/cain&able to grab the credentials as someone logs into them would be the simplest way. You could aslo exploit the service although this does not prove that the protocol itself is insecure just the particular application your using.

      Here is a good video on Man-in-the-middle:
      http://www.youtube.com/watch?v=-hd7XG-b6uk

      Feel free to message me if you have any more questions.

Viewing 13 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?