Nmap ftp-bounce NSE Script
This page contains detailed information about how to use the ftp-bounce NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/ftp-bounce.nse
Script categories: default, safe
Target service / protocol: ftp, ftps
Target network port(s): 21, 990
List of CVEs: -
Script Description
The ftp-bounce.nse script checks to see if an FTP server allows port scanning using the FTP bounce method.
Ftp-bounce NSE Script Arguments
This is a full list of arguments supported by the ftp-bounce.nse script:
ftp-bounce.checkhostHost to try connecting to with the PORT command. Default: scanme.nmap.org
ftp-bounce.password
Password to log in with. Default IEUser@.
Username to log in with. Default anonymous.
- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:
nmap --script=ftp-bounce --script-args ftp-bounce.checkhost=value,ftp-bounce.password=value <target>Ftp-bounce NSE Script Example Usage
Here's an example of how to use the ftp-bounce.nse script:
nmap --script=ftp-bounce <target>
Ftp-bounce NSE Script Example Output
Here's a sample output from the ftp-bounce.nse script:
PORT STATE SERVICE
21/tcp open ftp
|_ftp-bounce: bounce working!
PORT STATE SERVICE
21/tcp open ftp
|_ftp-bounce: server forbids bouncing to low ports <1025
Ftp-bounce NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.
Author
- Marek Majkowski
References
- https://nmap.org/nsedoc/scripts/ftp-bounce.html
- https://github.com/nmap/nmap/tree/master/scripts/ftp-bounce.nse
See Also
Related NSE scripts to the ftp-bounce.nse script:
- ftp-anon.nse
- ftp-brute.nse
- ftp-libopie.nse
- ftp-proftpd-backdoor.nse
- ftp-syst.nse
- ftp-vsftpd-backdoor.nse
- ftp-vuln-cve2010-4221.nse
Visit Nmap NSE Library for more scripts.
The ftp-bounce.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Error after PORT: %s
Here is a relevant code snippet related to the "Error after PORT: %s" error message:
79: stdnse.debug1("Can't send PORT")
80: return nil
81: end
82: code, message = ftp.read_reply(buffer)
83: if not code then
84: stdnse.debug1("Error after PORT: %s", message)
85: return nil
86: end
87: if code < 200 or code > 299 then
88: stdnse.verbose1("PORT response: %d %s", code, message)
89: ftp.close(socket)
Error after PORT: %s
Here is a relevant code snippet related to the "Error after PORT: %s" error message:
96: stdnse.debug1("Can't send PORT")
97: return nil
98: end
99: code, message = ftp.read_reply(buffer)
100: if not code then
101: stdnse.debug1("Error after PORT: %s", message)
102: return nil
103: end
104: if code < 200 or code > 299 then
105: stdnse.verbose1("PORT (low port) response: %d %s", code, message)
106: ftp.close(socket)
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
