Type : Tutorial
Level : Easy
Attacker O.S : Backtrack 5 R1
Victim O.S : Windows XP SP3
Vulnerable Application : ScriptFTP <= 3.0
Exploit Credit : modpr0be
What is ScriptFTP? According to its website:
ScriptFTP is a FTP client designed to automate file transfers. It follows the commands written on a text file (also called script file) and makes the uploads or downloads automatically. ScriptFTP is a script-driven FTP client. It works like traditional FTP clients but does not require any user interaction while running, instead it works automatically using a text file which contains the actions ScriptFTP has to execute.
Okay, that's the introduction. Now let's see how this exploit works.
1. Python
2. Vulnerable ScriptFTP (Download link)
3. ScriptFTP Exploit
Attacker IP : 192.168.8.93
Victim IP : 192.168.8.91
1. Download the exploit and the vulnerable ScriptFTP application from the link above (we won't hurt anyone else here).
2. In this scenario, the attacker (192.168.8.93) acts as an FTP server. Start the server by running the exploit with the following command: python scriptFTP.py.
3. Next, create the FTP script that the ScriptFTP application will execute on the victim side. You can see how to create the script from here, or you can view my script below, edit it with Notepad (or another text editor), and save it with the .ftp extension.
4. When the victim opens the FTP script we created in step 3
5. We've got the shell
1. At the time of writing this tutorial, the application is still a zero-day (a.k.a. no cure).
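With no fix available, the exposure comes from ScriptFTP connecting to an FTP server the user does not control, as in step 2. The following is an added example, not part of the original tutorial or the exploit author's code: it audits the OPENHOST calls in a ScriptFTP script against an allowlist of trusted servers. The sample script and the host name ftp.example.internal are constructed for illustration.

```python
import re

# First argument of OPENHOST(...): either a quoted literal or something else
# (a variable or expression) that cannot be resolved statically.
OPENHOST_RE = re.compile(r'\bOPENHOST\s*\(\s*(?:"([^"]*)"|([^,)\s]+))',
                         re.IGNORECASE)

def audit_script(text, trusted_hosts):
    """Return (line_no, host, verdict) for every OPENHOST call in a script.

    verdict is "trusted", "untrusted", or "review" (host is not a literal).
    """
    trusted = {h.lower() for h in trusted_hosts}
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if stripped.startswith("#"):      # ScriptFTP comment line
            continue
        for match in OPENHOST_RE.finditer(stripped):
            literal, other = match.group(1), match.group(2)
            if literal is None:
                findings.append((line_no, other, "review"))
            elif literal.strip().lower() in trusted:
                findings.append((line_no, literal.strip(), "trusted"))
            else:
                findings.append((line_no, literal.strip(), "untrusted"))
    return findings

# Constructed sample script (not the script from the tutorial).
SAMPLE = """\
# nightly backup, then two connections that should be questioned
OPENHOST("ftp.example.internal","backup","secret")
GETFILE("*.zip")
CLOSEHOST
$server="192.168.8.93"
OPENHOST($server,"anonymous","x")
openhost( "192.168.8.93" , "anonymous", "x")
"""

if __name__ == "__main__":
    for line_no, host, verdict in audit_script(SAMPLE, {"ftp.example.internal"}):
        print(f"line {line_no}: {host} -> {verdict}")
```

Run it over any .ftp file received from outside before opening it in ScriptFTP; anything reported as "untrusted" or "review" should not be executed until the target server is confirmed.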
Hope it's useful
Hi bro, nice tutorial, you always rock. I'm back again; I was outside, that's why I was not able to mail you. Hope you will be fine. God bless you ... Jeet jain
I appreciate your work, but as a newbie there is a lot of stuff I don't get. I am using Backtrack 5 and I cannot find the ScriptFTP app, and I don't see the victim IP in your connect.ftp file.
Does this exploit give me access to the C: of the victim?
Thank you
When I try to do telnet (ip) port, I get the result: could not open connection to host on port 122.x.x.x 23 : connection failed
As you can see, that port on that IP is open for telnet. What am I doing wrong?
21 tcp open
23 tcp open
80 tcp open
7547 tcp open
That's the nmap port scanner result for the victim IP.
#joand
It's because the victim has a firewall installed or your username & password was wrong.