Nmap ftp-proftpd-backdoor NSE Script
This page contains detailed information about how to use the ftp-proftpd-backdoor NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/ftp-proftpd-backdoor.nse
Script categories: exploit, intrusive, malware, vuln
Target service / protocol: ftp
Target network port(s): 21
List of CVEs: -
Script Description
The ftp-proftpd-backdoor.nse script tests for the presence of the ProFTPD 1.3.3c backdoor reported as BID
45150. This script attempts to exploit the backdoor using the innocuous
id command by default, but that can be changed with the
ftp-proftpd-backdoor.cmd script argument.
Ftp-proftpd-backdoor NSE Script Arguments
This is a full list of arguments supported by the ftp-proftpd-backdoor.nse script:
ftp-proftpd-backdoor.cmd
Command to execute in shell (default is id).
- - -
To use this script argument, add it to Nmap command line like in this example:
nmap --script=ftp-proftpd-backdoor --script-args ftp-proftpd-backdoor.cmd=value <target>Ftp-proftpd-backdoor NSE Script Example Usage
Here's an example of how to use the ftp-proftpd-backdoor.nse script:
nmap --script ftp-proftpd-backdoor -p 21 <host>
Ftp-proftpd-backdoor NSE Script Example Output
Here's a sample output from the ftp-proftpd-backdoor.nse script:
PORT STATE SERVICE
21/tcp open ftp
| ftp-proftpd-backdoor:
| This installation has been backdoored.
| Command: id
| Results: uid=0(root) gid=0(wheel) groups=0(wheel)
|_
Ftp-proftpd-backdoor NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.
Author
- Mak Kolybabi
References
- https://nmap.org/nsedoc/scripts/ftp-proftpd-backdoor.html
- https://github.com/nmap/nmap/tree/master/scripts/ftp-proftpd-backdoor.nse
See Also
Related NSE scripts to the ftp-proftpd-backdoor.nse script:
- ftp-anon.nse
- ftp-bounce.nse
- ftp-brute.nse
- ftp-libopie.nse
- ftp-syst.nse
- ftp-vsftpd-backdoor.nse
- ftp-vuln-cve2010-4221.nse
Visit Nmap NSE Library for more scripts.
The ftp-proftpd-backdoor.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Failed to send privilege escalation command: %s
Here is a relevant code snippet related to the "Failed to send privilege escalation command: %s" error message:
86: end
87:
88: -- Send command to escalate privilege.
89: status, err = sock:send(CMD_FTP .. "\r\n")
90: if not status then
91: stdnse.debug1("Failed to send privilege escalation command: %s", err)
92: sock:close()
93: return
94: end
95:
96: -- Check if escalation worked.
Privilege escalation failed: %s
Here is a relevant code snippet related to the "Privilege escalation failed: %s" error message:
94: end
95:
96: -- Check if escalation worked.
97: code, message = ftp.read_reply(buffer)
98: if code and code == 502 then
99: stdnse.debug1("Privilege escalation failed: %s", message)
100: sock:close()
101: return
102: end
103:
104: -- Send command(s) to shell.
Failed to send shell command(s): %s
Here is a relevant code snippet related to the "Failed to send shell command(s): %s" error message:
102: end
103:
104: -- Send command(s) to shell.
105: status, err = sock:send(cmd .. ";\r\n")
106: if not status then
107: stdnse.debug1("Failed to send shell command(s): %s", err)
108: sock:close()
109: return
110: end
111:
112: -- Check for an error from command.
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
