close(x)

Exploring Metasploit Auxiliary Modules FTP


Metasploit FTP Modules

Welcome back, my hacker novitiates! In previous guides, we have used one of the most powerful hacking platforms on the planet to perform many hacks, Metasploit. They ranged from exploiting Windows XP and Windows 7/8 vulnerabilities, installing keylogger and remotely turning on a webcam. We are also able to save the world from nuclear destruction, see if our girlfriend is cheating, spy on suspicious neighbors, avoid antivirus detection, and more.

In each of those tutorials, we focused primarily on using two types of Metasploit modules, exploits and payloads, but Metasploit has many other types including NOP (no operations), encoder, post (post exploit) and helper . In this article, I want to introduce you to the helpful modules in Metasploit where many powerful tools await our call.

Fire Up Kali

Let’s get started. First, fire Kali and open a terminal like the one below.

Exploring Metasploit Auxiliary Modules FTP

 

Go to Metasploit Framework Directory

Now, let’s navigate to the Metasploit directory in Kali:

cd /usr/share/metasploit-framework

Please note that we are not implementing the Metasploit console. We are just navigating to where Metasploit resides in the file system, so that we can find out what modules exist there.

 

Metasploit FTP Modules

Next, let’s list the contents of that directory like that below.

kali > ls -l

Let’s now navigate to the subdirectory modules and do a listing on that subdirectory.

kali > cd modules

kali > ls -l

As we can see in the screenshot above, Metasploit has six (6) different types of modules:

  • auxiliary
  • encoders
  • exploits
  • nops
  • payloads
  • post

As stated before, in nearly every previous Meatsploit tutorial here on Null Byte, we have focused exclusively on the exploits and payloads. I have also done a couple of guides on using the encoders module, but we have never explored the NOPs, auxiliary, or post modules. Today, let’s examine what is available to us in the auxiliary module.

Open Auxiliary Directory

First, let change directories to the auxiliary directory and do a directory listing.

kali > cd auxiliary
kali > ls -l

When we do so, we can see that the auxiliary module directory is broken down to many sub-directories starting with the admin directory and ending through the vspoit directory.

Explore the Auxiliary Sub Directories

As you can see, there are numerous auxiliary directories and modules, but for now, let’s focus on one—the fuzzers.

Fuzzing

Fuzzing is the practice of attempting random input into a variable area to see whether we can “break” it. That is, if we try to put too much data or a data of a type not expected, we may be able to get the buffer to overflow.

Buffer overflows (I’ll do a few articles soon on this subject) are among the most serious types of vulnerabilities as they often enable us to execute our own code remotely. Fuzzing is often the first step in finding a vulnerability that may lead to the development of a zero-day exploit.

Now let’s navigate to the fuzzer directory:

kali > cd fuzzers

Once we are in the fuzzer directory, let’s look inside with an long listing.

kali > ls -l

As you can see, Metasploit has seven (7) types of fuzzers:

  • dns
  • ftp
  • http
  • smb
  • smtp
  • ssh
  • tds

Each of these directories include programs or scripts that enable us to fuzz a particular protocol or function. We will focus our attention on ftp fuzzing in this tutorial.

Open the Fuzzers

Let’s look inside the ftp fuzzing directory:

kali > cd ftp
kali > ls -l

As you can see, there are two fuzzers for ftp, the client_ft.rb and the ftp_pre_post.rb. Let’s use the ftp_pre_post.

Use the FTP Pre Post Fuzzer

Now that we have identified an auxiliary module we want to use, let’s open the msfconsole and find and use this module. Open the msfconsole by typing msfconsole in any directory from a terminal. This will open up the msfconsole and provide us with an msf prompt.

To find the fuzzer modules in Metasploit, we can use the search function built into msfconsole. We can type:

msf > search type:auxiliary fuzzers

Here we are asking msfconsole to list us only those modules that are auxiliary (type:auxiliary) and contain the keyword, ftp.

The results of that search are listed above. I have highlighted in the screenshot the module we will be using, auxiliary/fuzzers/ftp/ftp_pre_post.

Load the Fuzzer Module

To load the module, simply type:

msf > use auxiliary/fuzzers/ftp/ftp_pre_post

Let’s take a look at the particulars of this module by looking at its info page.

msf > info

Although this module has many options, to run it we only need to provide a target IP address. In this case, we will run it against a Windows 2003 server with IIS 6.0 and an FTP server. Let’s set the IP address:

msf > set RHOSTS 192.168.1.1

After setting the target IP address, we then only need to run this ruby script.

msf > run

As we can see above, the fuzzer begins by running random input set to size 10 bytes and increments the size by 10 each attempt. The default setting runs to size 20,000, but we can change that to any value that we find appropriate.

After attempting random input, it then begins to attempt various command inputs once again beginning at 10 bytes and incrementing by 10 to 20,000 bytes. It will stop when it finds two error messages or comes to the end of all of its attempts. Just a warning, this can take hours.

Keep coming back, my hacker novitiates, as we explore more Metasploit auxiliary modules and use them to find unknown vulnerabilities and progress toward developing our own zero-day exploits.

Have any Question or Comment?

4 comments on “Exploring Metasploit Auxiliary Modules FTP

I have been examinating out many of your posts and it’s clever stuff. I will surely bookmark your website.

Reply

Heya i am for the primary time here. I found this board and I in finding It truly helpful & it helped me out much. I’m hoping to offer one thing back and aid others like you helped me.

Reply

[…] I wanted to give someone access to my Kali linux  box and this is what I […]

[…] a shellcode using metasploit and […]

Leave a Reply

Your email address will not be published. Required fields are marked *

Help

If you need any kind of hacking tools and software, then contact me.

Instagram

Facebook

twitter

Youtube

Recent Posts

Categories

google Adsense

Hacking tools list

Binders (23):

amokjoiner
Bl0b B!nder 0.2.0 + USG
blackhole Binder
F.B.I. Binder
Predator 1.6
PureBiND3R by d3will
Schniedelwutz Binder 1.0
Simple Binder by Stonedinfect
sp1r1tus Binder 1.0
Tool-Store Binder 1.0
Tool-Store Toasty Binder 1.0
Yet Another Binder 2.0
Albertino_Binder
bl0b_bind
EESBinder10
Kbw-Binder
Public_27.12
Rapid_Binder_v_1.0
Sadaf_Binder
SaLiXeM_File_Binder
Sh!T_Multi_Binder_Free-
vBinder
yab201

“““““““““““““““““““““““““““““““

Cracking Tools (16):

Access Driver
Ares
Attack Toolkit v4.1 & source code included
Brutus
Golden eye 2005
HellLabs Proxy Checker v7.4.18
HostScan v1.6.5.531
Invisible Browsing v4.0
IPScanner v1.86
Net Tools Suite Pack Abril
NFO-Tools All In One
Patchs All In One 2005
Sentry20
SoftIce 4.05 -Win 2000-XP
VNC Crack
WWWHack

“““““““““““““““““““““““““““““““

Crypters (24):

Bifrost Crypter by ArexX 2
Cryptable Seduction 1.0 by DizzY
Crypter by Permabatt
Crypter bY YoDa
Cryptic 1.5
Daemon Crypt 2 Public
Deception 4 by [RaGe]
Destructor Crypter
EXECrypt 1 M0d by CARDX
Fuzz Buzz 1.2 by BulletProof
OSC-Crypter by haZl0oh M0d
Poison Ivy Crypt M0d by CARDX
SaW V1 Mod by LEGIONPR
Skorpien007 Crypter 3.1
Stonedinfect Crypter 1.0
Trojka Crypter 1.1 by tr1p0d
Builder
Carb0n_Crypter_1.8
Sick Crypter
Sikandar’s_Crypter_Version_1.0_Public
Simple+Crypter
Test1
Triloko_Crypter
XxVtecman9xX_Crypter

“““““““““““““““““““““““““““““““

DDosers (53):

assault_1.0
click_2.2
crazyping_1.1
death_n_destruction
donut_http_flooder_1.4
fed_up_2.0
firewall_killer_1.3
igmp_nuke_1.0
illusion DOS
krate_port_bomber
meliksah_nuke_2.5
nemesy_1.3
NetBot_Attacker 1.4 English
panther_2.0
spoofed_irc_nuker_1.3
~FuCk_It!~_DOS
ass4ult
b4ttl3p0ng
bd0rk’s DoS Killer
BFF_DoS_%28Ping%29_v1.0
BioHazard
clik2
CS_DoS
DDOS
denden_ddos
DoS 5.5 Fina Cold_Assassin69l
Dos Attacker Alpha 1.1
doshttp_setup
fortune
FUBAR
Hartz4Flooder_v0.2.
IFRAME_DDoS_v1.0
iGirls_DoS_Tool
IP Port Ddos
IRAN DoS
Longcat_TCP_HTTP_UDP_Flooder_v2.3_Final
MegaDeath
PM2
Private_ddos_tool_by_pureedee_v3.0
rDos
RocketV1_0
rpcnuke
ServerAttack
Site_Hog_v1_release
SMFH_DOS
SuPeRdDoS_1.0
Supernova 5
SYN-flood
t3c4i3_s_Dos_Tool_v2.00
Website_Crasherv4.7
XDos
zDoS

“““““““““““““““““““““““““““““““

Fake Programs (24):

Cod_Mw2_Keygen-Idecrypt
CoD-Mw2-Keygen
ddoser_3.6
Dice_RiggerDoXiE__1.2
emblem_crypter
FAKE_Steam_Keygen
FlexBot_Runescape
Flooder
Gamebattles_Credit_Adder
Microsoft_Point_Generator
MSDN_admin
MSN_Password_Cracker
Multi-Hacker
MW2_Serial_Generator
Norton_2010_Keygen
Paypal_Money_hack
PayPal_Money_Hacker
Poker_Hack
Rapidshare%20Extender
Runescape_Stat_Changer
teamviewer_patch
Windows_7_Serial_Generater
Windows_Activator
WoW_account_hacker
XBox_360_Account_Hacker

“““““““““““““““““““““““““““““““

Host Boosters (8):

BioZombie
dbot
DDoSeR_3.4
Host_Booter
Metus_GB_Edition
MeTuS-Delphi-2.8
X-R
z3r0xb0t_Final_Public_Release_[v2.0]

“““““““““““““““““““““““““““““““

Phishing Pages (56):

eBay.com
Fake Login Page(Tut)
Gmail.de
Playstation Underground
RapidShare.com
RapidShare.de
Abbey ( CC ) Phisher
Abbey Phisher
AceMailer-v1
Adult Friend Finder Phisher
AIM Phisher
Amazon Phisher
AnonymousMailer
astatalk Phisher
Chase Phisher
DeviantArt Phisher
Dynamic_RapidShare_Phisher_v0.8
E-Trade Phisher
facebook Phisher
FileFront Phisher
FreeWebs Phisher
Friendster Phisher
Gaia Gold generator Fake login
Gmail Phisher
GoDaddy Phisher
Habbo Phisher
Hi 5 Phisher
hotmail Phisher
HP ( Shop ) Phisher
IMVU Phisher
IP Hider
Jiffy Gmail Account Creator
MySpace Phisher
Nationwide Phisher
PayPal Phisher
Phisher Maker!
Phishing Letters
Photobucker Phiser
PornoTube Phisher
RapidExtract
Regions Phisher
Ripway Phisher
RuneScape Phisher
SendSpace Phisher
Skype Phisher
SourceForge Phisher
Steam Phiser
Tagged Phisher
Tarantula
thisis50 Phisher
Warez-bb Phisher
Wells Fargo Phisher
WoW Phisher
WWE Phisher
XboxLive Phisher
YouTube Phisher

“““““““““““““““““““““““““““““““

Remote Administration Tools: (86)

bn135
SubSeven 2.2
[BUGFIX]Schwarze Sonne RAT 0.8.1
[BUGFIX]SS-RAT 0.4 Final
A32s (fifth) RAT
Apocalypse144
Arabian-Attacker v1.2.2
Arabian-Attacker v1.4.0
Archelaus Beta
Arctic R.A.T. 0.0.1 Alpha
Beast v2.07
Bifrost12
Cerberus RAT 1.03.4 Beta
Cerberus
Char0n
CIA_v1.3
CyberGate v1.00.1
CyberGate v1.02.0
CyberGate v1.03.0
CyberGate v1.04.8
CyberGate_v1.01.8
CyberGate-v1.00.0
Daleth RAT 1.0(ss rat src)
DarkComet2RC1
DarkComet2RC5
DarkComet-RAT 2.0 Final RC2
DarkComet-RAT 2.0 Final
DarkComet-RAT 2.0 LAST BETA
DarkComet-RAT 2.0b 2
DarkComet-RAT 2.0b3
DarkComet-RAT Beta Test 01
DarkMoon v4.11
Deeper 1.0 Beta10 – Fix1
Deeper_1.0_Beta8
Deeper_1.0_Beta9
DRAT 2009 V4.0 Build 1201
DRAT 2009 V4.2 Build 1216
Golden Phoenix Rat 0.2
GraphicBooting RAT Beta v0.3
Lost Door 4.2.2
Lost Door V2.2 Stable Public edition
Lost Door v4.3.1
Lost_Door_V4.2_light
MiniMo v0.7a PublicBeta
MiniMo_v0.7a_PublicBeta
miniRAT 0.6 Beta
MofoTro
NetDevil_v1.5
NovaLite_final5
NyTrojan_RAT
Optix v1.33
Optix_v1.33
PaiN RAT 0.1 Beta 9
painrat0.1Beta9
PI2.3.2
Pocket RAT
Poison Ivy 2.3.2
ProRat_v1.9 SE
Schwarze Sonne 0.2 Final
Schwarze Sonne RAT 0.1 Final
Schwarze Sonne RAT 0.1 Public Beta 2
Schwarze Sonne RAT 0.1 Public Beta
Schwarze Sonne RAT 0.2 Beta
Schwarze Sonne RAT 0.7
Schwarze Sonne RAT 0.8
Schwarze_Sonne_0.5_Beta
Seed1.1
sharK_3
SharpEye-Rat1-0_beta2
solitude_1.0_cracked_by_DizzY_D
Spt-Net_[RAT]_v2.6
Spy-Net 2.7
SS-RAT 0.3 Beta
SS-RAT 0.5 Final
SS-RAT 0.6 Final_bugfix
SS-RAT 0.6 Public Beta
SubSeven_2.3
Turkojan4
Vanguard
Venomous Ivy
vibe1909_10giayFamatech.Radmin.v3.1.Remote.Control.Cracked-NoGRP
VorteX RAT
xHacker.3.
xtremeRAT
Y3kRat2k5RC10

“““““““““““““““““““““““““““““““
Scanners: (23)

Advanced IP Scanner
Advanced Port Scanner
Bitching Threads
BluePortScan
LanSpy
NeoTracePro
NetScan Tools
ProPort
Putty_0.6
SuperScan [Fav]
Trojan Hunter 15
ZenMap – NMap V5.21 [Win]
angry_ip_scanner
bitchinthreads
bluesprtscn
bobup
DD7s_Port_Scanner
HLDL-5967freeipscanner
ProPort
superscan4
te_port_scanner
TrojanHunter15
xss_scanner

“““““““““““““““““““““““““““““““

Sniffers: (2)

Cain & Abel Self Installer [WinXP]
WireShark Self-Installer [Win32]

“““““““““““““““““““““““““““““““

SQL Injection Tools: (14)

Vbulletin 3.6.5 Sql Injection
GYNshell.php
Havij_1.08
Hexjector v1.0.7.3SE
MySQLi_Dumper_v.1.2_BIN
Pangolin_Professinal_Edition_v3.0.0.1011
SPInjv1.2
Sql Hack pack -Updated
sql.txt
SQL_Exploiter_Pro_2.15
SQL_Injection_Tool_v2.1a
SQLDEFACER
V3MoHackzSQLExplt
yourleetdefacepage.html

“““““““““““““““““““““““““““““““

Stealers: (75)

1337 SteamACC Stealer Private
Allround Stealer
Armageddon Stealer 1.0 by Krusty
bl0b Recovery 1.0
Blade Stealer 1.0 PUBLIC
Codesoft PW Stealer 0.35
Codesoft PW Stealer 0.50
Dark Screen Stealer 2
Dimension Stealer 2 by Gumball
FileZilla Stealer 1.0 PUBLIC
FileZilla Stealer by Stonedinfect
Firefox Password Stealer – Steamcafe
Fly Stealer 0.1
Fudsonly Stealer 0.1
Hackbase Steam Phisher 1.2 BETA
Hackhound 0.0.1.4
Hackhound Stealer
HardCore Soft 0.0.0.1
ICQ Steal0r
IStealer 4.0
IStealer 6.0 Legends
Keyloggers
LabStealer by Xash
Multi Password Stealer 1.6
Papst Steale.NET
Pass Stealer 3.0
Pesca Stealer 0.2
pixel Stealer 1.3.0 SC
pixel Stealer 1.4.0
ProStealer
Public Firefox 3 Stealer
Pure-Steam 1.0 CS
Pw Stealer by Killer110
PWStealer 2.0
Remote Penetration 2.2
SC LiteStealer 1
SimpleStealer 2.1
SPS Stealer
SStealer by till7
Steam Stealer 1.0 by ghstoy
Steam Stealer by till7
Stupid Stealer 6 mit PHP Logger
System Stealer 2
The Simpsons Stealer 0.2
Tool-Store FileZilla Stealer 1.0
Trojan Horses
Ultimate Stealer 1.0
Universal1337 – The Account Stealer
Universal1337 2
Universal1337 3
Viotto Keylogger 2.0
[Release]Hackhound_Stealer
1337_SteamACC_Stealer_Private
AuraStealer
BKL_Public_Edition_v2.0
Builder
Dark_IP_Stealer_-_by_mana5olia
Dark_Screen_Stealer_V2
FF_Stealer_steamcafe
iStealer_3,0
iStealer_4.0
istealer_5.0
iStealer_6.3_Legends
jps18
LabStealer
lps
Midnight_Stealer_1.5
Multi_Password_Stealer_1.6
PassStealer_v3.0
PWstealer_v2.0
Ref_Stealer_-_99__FUD
Remote_Penetration_v2.2
SimpleStealer_v1.2.4.1
Universal1337_V2
UNLIMITED_PW_STEALER_0.4

“““““““““““““““““““““““““““““““
Virus Builders: (10)

DELmE’s Batch Virus Generator v 2.0
DrVBS
hellp2p
In_Shadow_Batch_Virus_Gen_-_5.0.0_-_MOD
Kill_Switch
Nathans_Image_Worm
Pokes-Worm-Gen-2
Power Of Batch.txt
Tera_Bit
vbswg2
Virus-O-Matic

“““““““““““““““““““““““““““““““

Vulnerability Scanners and Exploiters: (2)

Metasploit Framework V3.4.0 [Win]
Nessus [Win32]

*********************************************************************************************************
*********************************************************************************************************