Changelog Version 0.15:
+ new tool proftpd_versions.py
+ fingerprint engine bug fixed (now the engine can detect fingerprints.)
+ ftpmap->fid removed
+ ftpmap_brute() removed (not needed).
Ftpmap scans remote FTP servers to indentify what software and what versions they are running. It uses program-specific fingerprints to discover the name of the software even when banners have been changed or removed, or when some features have been disabled. FTP-Map will try to detect exploits by the FTP software/version. and FTP-Map also contains tools for remote take-over.
ftmap Console Menu
——————————- USAGE ——————————
Using ftpmap is trivial, and the built-in help is self-explanatory :
Options:
--server, -s <host> - The FTP server. --port, -P <port> - The FTP port (default: 21). --user, -u <user> - FTP user (default: anonymous). --password, -p <password> - FTP password (default: NULL). --execute, -x <cmd> - Run command on the FTP server. --nofingerprint, -n - Do not generate fingerprint. --login, -A - Only login, print output and quit. --force, -F - Force to generate fingerprint. --output, -o <file> - output file. --list, -L <path> - Get list of files and folders on the FTP server. --delete <path> - Delete files/folders on the server. --last-modified, -m <file> - Returns the last-modified time of the given file Fuzzer Options: --fuzzer, -f - Use the Fuzzer. --fuzzerlength,-b <length> - Buffer length to send. (default: 256) --fuzzer-nologin, -l - Do not login. General Options: --version, -v - Show version information and quit. --help, -h - Show help and quit.
Example Usage:
ftpmap --server localhost ftpmap --port 2121 -s 127.0.0.1 ftpmap -u root -p root -s localhost ftpmap -u root -p root -s localhost -x "SYST" ftpmap -s localhost --fuzzer ftpmap --server localhost --user root --password root --list "/" ftpmap --server -u root -p root --delete "/etc/secret"
———————— Obfuscating FTP servers ——————-
This software was written as a proof of concept that security through obscurity doesn’t work. Many system administrators think that hidding or changing banners and messages in their server software can improve security.
Don’t trust this. Script kiddies are just ignoring banners. If they read that “XYZ FTP software has a vulnerability”, they will try the exploit on all FTP servers they will find, whatever software they are running. The same thing goes for free and commercial vulnerability scanners. They are probing
exploits to find potential holes, and they just discard banners and messages.
On the other hand, removing software name and version is confusing for the system administrator, who has no way to quickly check what’s installed on his servers.
If you want to sleep quietly, the best thing to do is to keep your systems up to date : subscribe to mailing lists and apply vendor patches.
————————— COMPILATION —————————
“make install will not work for now.”
./configure
make
cd src && ./ftpmap -h
Download : Master.zip | Clone Url | Our Post Before
Source : https://github.com/Hypsurus