Description: FTP sites are the most mysterious off all internet resources. At one time they were the only means of file exchanges between users. Even though they are no longer as popular as they were, many of them still house interesting data and projects, some of which may be available through an anonymous login. People not familiar with FTP should think of the anonymous login as a kind of a guest access, when the user has access to all files which has been made available for public viewing. In this video we will look at how to mine FTP sites in an automated way using a scanner utility. We will use the Python language as it speeds up the development time and effort and is also very human readable and understandable. The end goal of this video is to write an automated FTP scanner which will take a list of ftp sites as input, fetch the welcome message (useful for finding FTP software version), logs into them if anonymous access is allowed, gets the directory listing in ftproot and tries to create a directory to check for software misconfigurations. <br>Update: User Jabzor from Binrev forums pointed out an interesting article on the art of breaking locked directories. As these techniques primarily consist of sending commands such as mkdir, mfr, mto etc, it is easily possible to incorporate them into the current program using the ftplib.sendcmd(command comes here) method. This is left as an exercise to the user<br>Links:<br><br>1. FTP Protocol Basics<br><br>2. Python Programming Language Basics<br><br>
Tags: programming ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Great Video. Thanks,