Lost universe of Programing
 FTP bounce (Scanning and Foot Printing) 10

Er Amit Tripathi


Post subject: FTP bounce (Scanning and Foot Printing) 10
Posted: 2/10/2008, 2:37 am

Quote :

A creative scan, first detailed by 'Hobbit', takes advantage of FTP servers with read/write access. The advantage of this scan can be both anonymity and accessibility. For instance, suppose the target network allows FTP data transfer from only its recognized partners.

An attacker might discover a service business partner who has an FTP service running with a world-writeable directory that any anonymous user can drop files into and read them back from. It could even be the ISP hosting services on its FTP server.

The attacker, who has an FTP server and is able to run in passive mode, logs in anonymously to the legitimate server and issues instructions for scanning or accessing the target server through a series of FTP commands. He may choose to make this into a batch file and execute it from the legitimate server to avoid detection.

If a connection is established as a means of active data transfer processing (DTP), the client knows a port is open, with a 150 and 226 response issued by the server. If the transfer fails, a 425 error will be generated with a refused build data message. The PASV listener connection can be opened on any machine that grants a file write access to the attacker and used to bounce the scan attack for anonymity. Hobbit points out that "it does not even have to be an FTP server -- any utility that will listen on a known TCP port and read raw data from it into a file will do".


Often these scans are executed as batch files padded with junk so that the TCP windows are full and the connection stays alive long enough for the attacker to execute his commands. Fingerprinting the OS can help determine the TCP window size and allow the attacker to pad his commands for further access accordingly. Fingerprinting is discussed in detail later in this module. This scan is hard to trace, permits access to local networks and evades firewalls. However, most FTP servers have patched this vulnerability by adopting countermeasures such as preventing third-party connections and disallowing listing of restricted ports. Another measure adopted has been to restrict write access.
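
The countermeasures named at the end of the post (refusing third-party connections and restricted ports), written as the PORT check an FTP server can apply on its control channel. This is an added example, not part of the original post; the function names, the reply wording and the sample addresses are assumptions.

```python
import ipaddress
import re

# PORT argument per RFC 959: h1,h2,h3,h4,p1,p2 (six decimal octets).
_PORT_ARG = re.compile(r"^\d{1,3}(,\d{1,3}){5}$")

def parse_port_arg(arg):
    """Return (IPv4Address, port) for a PORT argument, or None if malformed."""
    arg = arg.strip()
    if not _PORT_ARG.match(arg):
        return None
    octets = [int(x) for x in arg.split(",")]
    if any(o > 255 for o in octets):
        return None
    ip = ipaddress.IPv4Address(".".join(str(o) for o in octets[:4]))
    return ip, octets[4] * 256 + octets[5]

def check_port_command(line, control_peer_ip):
    """Return (accepted, reply) for one control-channel line.

    control_peer_ip is the address the control connection came from.
    Reply wording is an assumption; only the numeric codes are standard.
    """
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        return True, ""  # other commands are outside this check
    parsed = parse_port_arg(arg)
    if parsed is None:
        return False, "501 Syntax error in PORT argument"
    ip, port = parsed
    # Third-party check: data connection must go back to the same client.
    if ip != ipaddress.IPv4Address(control_peer_ip):
        return False, "504 PORT to third-party address refused"
    # Restricted-port check: never connect out to well-known service ports.
    if port < 1024:
        return False, "504 PORT to restricted port refused"
    return True, "200 PORT command successful"

# Constructed sample: commands from a client whose control peer is 198.51.100.7
SAMPLE_PEER = "198.51.100.7"
SAMPLE_LINES = [
    "PORT 198,51,100,7,195,80",   # own address, port 50000
    "PORT 192,0,2,10,0,22",       # different host: bounce attempt
    "PORT 198,51,100,7,0,25",     # own address but restricted port
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(line, "->", check_port_command(line, SAMPLE_PEER)[1])
```

Logging every refused PORT together with the control peer address gives a direct record of bounce attempts against the server.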