Monday, 1 February 2021

Metasploit: FTP Anonymous Scanner

 In a previous post (NSE:ftp-anon) I demonstrated how to use NSE to collect information about a target machine and determine if the target is allowing anonymous credentials.

This post is going to show that we can gather similar information utilizing metasploit as well.

Take a look at the image below.

The following steps will prep metasploit so that you can do some scanning of your target.

#use scanner/ftp/anonymous

#set rhosts [Target IP] 

#set threads 50  (You don't have to do this step, but is useful if you are doing a scan of an entire network 192.168.1.0/24  <--Example) 

#run

Results:

Look at what comes back!  We know that the target is allowing anonymous connections and that READ access is set!

We can also see that vsFTPd 2.3.4 is set!  Which is awesome because metaploit is a perfect pool for gaining shell access through this vulnerability.


For curiosity sake I also ran NSE:ftp-anon.

The picture below comes back with more information!


 What can we learn from this? Well, both tools are good but together are even better.  Keep learning about the various tools available too you and when you package them together you can do some awesome things.  

 

Keep checking out my NSE Database I am continuing to add to it so that it can be a good resource for all.

Andrew Campbell

No comments:

Post a comment