Name: FTP Authentication Scanner
Module: auxiliary/scanner/ftp/ftp_login
Version: 14976
License: Metasploit Framework License (BSD)
Rank: Normal
Provided by:
todb <todb@metasploit.com>
Basic options:
Name              Current Setting  Required  Description
----              ---------------  --------  -----------
BLANK_PASSWORDS   true             no        Try blank passwords for all users
BRUTEFORCE_SPEED  5                yes       How fast to bruteforce, from 0 to 5
PASSWORD                           no        A specific password to authenticate with
PASS_FILE                          no        File containing passwords, one per line
RECORD_GUEST      false            no        Record anonymous/guest logins to the database
RHOSTS            External-IP      yes       The target address range or CIDR identifier
RPORT             21               yes       The target port
STOP_ON_SUCCESS   false            yes       Stop guessing when a credential works for a host
THREADS           1                yes       The number of concurrent threads
USERNAME                           no        A specific username to authenticate as
USERPASS_FILE                      no        File containing users and passwords separated by space, one pair per line
USER_AS_PASS      true             no        Try the username as the password for all users
USER_FILE                          no        File containing usernames, one per line
VERBOSE           true             yes       Whether to print output for all attempts
Description:
This module will test FTP logins on a range of machines and report
successful logins. If you have loaded a database plugin and
connected to a database this module will record successful logins
and hosts so you can track your access.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0502
—————————————————————————–
Example of successful login
msf > use auxiliary/scanner/ftp/ftp_login
msf auxiliary(ftp_login) > set rhosts External-IP
rhosts => External-IP
msf auxiliary(ftp_login) > run
[*] External-IP:21 - Starting FTP login sweep
[*] Connecting to FTP server External-IP:21...
[*] Connected to target FTP server.
[*] External-IP:21 - FTP Banner: '220 Microsoft FTP Service\x0a\x0a'
[*] External-IP:21 FTP - Attempting FTP login for 'anonymous':'chrome@example.com'
[+] External-IP:21 - Successful FTP login for 'anonymous':'chrome@example.com'
[*] External-IP:21 - User 'anonymous' has READ access
[*] Successful authentication with read access on External-IP will not be reported
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
—————————————————————————–
Example of successful login with READ/WRITE access
msf auxiliary(ftp_login) > run
[*] External-IP:21 - Starting FTP login sweep
[*] Connecting to FTP server External-IP:21...
[*] Connected to target FTP server.
[*] External-IP:21 - FTP Banner: '220 Microsoft FTP Service\x0a\x0a'
[*] External-IP:21 FTP - Attempting FTP login for 'anonymous':'chrome@example.com'
[+] External-IP:21 - Successful FTP login for 'anonymous':'chrome@example.com'
[*] External-IP:21 - User 'anonymous' has READ/WRITE access
[*] Successful authentication with write access on External-IP will not be reported
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
—————————————————————————–
Example of an unsuccessful login
msf auxiliary(ftp_login) > run
[*] External-IP:21 - Starting FTP login sweep
[*] Connecting to FTP server External-IP:21...
[*] Connected to target FTP server.
[*] External-IP:21 - FTP Banner: '220 Microsoft FTP Service\x0a\x0a'
[*] External-IP:21 FTP - Attempting FTP login for 'anonymous':'IEUser@'
[*] External-IP:21 FTP - Failed FTP login for 'anonymous':'IEUser@'
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
—————————————————————————–
If you don’t want to use Metasploit but want to see the same results, you can use nmap:
root@bt:~# nmap -sV -sC -p 21 remote-ip
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2010-06-02 02:04 BST
Nmap scan report for remote-ip
Host is up (0.00053s latency).
PORT STATE SERVICE VERSION
21/tcp open ftp Microsoft ftpd
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_2010-06-02 02:04 61440 nc.exe
MAC Address: 00:02:03:04:05:06 (Micky Systems)
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.34 seconds
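Added example (not part of the original post or of Metasploit): a short Python script that triages saved ftp_login console output in the format shown above, listing hosts where a login succeeded and whether anonymous access was READ or READ/WRITE. The sample lines, the 192.0.2.x addresses and the finding labels (anon-write, anon-login, login) are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample in the ftp_login output format shown above (192.0.2.x are
# documentation addresses). The second host uses the typographic quotes and
# en dash that blog software substitutes, to show the parser tolerates both.
SAMPLE = """\
[*] 192.0.2.10:21 - FTP Banner: '220 Microsoft FTP Service\\x0a\\x0a'
[+] 192.0.2.10:21 - Successful FTP login for 'anonymous':'chrome@example.com'
[*] 192.0.2.10:21 - User 'anonymous' has READ/WRITE access
[*] 192.0.2.11:21 \u2013 FTP Banner: \u2018220 Microsoft FTP Service\\x0a\\x0a\u2019
[+] 192.0.2.11:21 \u2013 Successful FTP login for \u2018anonymous\u2019:\u2019chrome@example.com\u2019
[*] 192.0.2.11:21 \u2013 User \u2018anonymous\u2019 has READ access
[*] 192.0.2.12:21 FTP - Failed FTP login for 'anonymous':'IEUser@'
"""

Q, NOTQ = r"['\u2018\u2019]", r"[^'\u2018\u2019]*"  # straight or curly quote
HOST = r"^\[[*+]\] (?P<host>\S+?):\d+ (?:FTP )?[-\u2013] "
LOGIN = re.compile(rf"{HOST}Successful FTP login for {Q}(?P<user>{NOTQ}){Q}:")
ACCESS = re.compile(rf"{HOST}User {Q}(?P<user>{NOTQ}){Q} has (?P<level>READ(?:/WRITE)?) access")
BANNER = re.compile(rf"{HOST}FTP Banner: {Q}(?P<banner>.*){Q}$")
ORDER = ("anon-write", "anon-login", "login")  # labels are this example's own

def triage(text):
    """Return {host: {"banner": str|None, "access": {user: level}}}."""
    hosts = defaultdict(lambda: {"banner": None, "access": {}})
    for line in text.splitlines():
        if m := BANNER.match(line):
            hosts[m["host"]]["banner"] = m["banner"]
        elif m := ACCESS.match(line):
            hosts[m["host"]]["access"][m["user"]] = m["level"]
        elif m := LOGIN.match(line):  # access line may follow; keep a placeholder
            hosts[m["host"]]["access"].setdefault(m["user"], "UNKNOWN")
    return dict(hosts)

def findings(text):
    """List (label, host, user, level), anonymous write access first."""
    out = []
    for host, info in triage(text).items():
        for user, level in info["access"].items():
            anon = user.lower() in ("anonymous", "ftp")
            label = ("anon-write" if "WRITE" in level else "anon-login") if anon else "login"
            out.append((label, host, user, level))
    return sorted(out, key=lambda f: ORDER.index(f[0]))

if __name__ == "__main__":
    for finding in findings(SAMPLE):
        print(*finding)
```

Hosts reported as anon-write are the ones to fix first: disable anonymous access or remove write permission on the FTP root.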