Every one must be familiar with FTP (file transfer protocol). Files are transfered in clear text! We were testing IIS with ftp for common vulnerabilities. We needed something to sniff data specialy FTP and found this FTPXEROX tool its old but works.
FTPXerox grabs files that are transferred across the network using the FTP protocol. It was written to demonstrate the fact that any “clear-text” file transfer protocol is susceptible to such attacks. It implements a full end-to-end TCP re-assembly engine that watches for FTP transfers. Once the engine detects an FTP file transfer, it grabs the file off the wire and stores it in a local file. It is quite intelligent in the sense, it can reconstruct exact file names and even grab binary files! Version 1.0, however, does NOT support PASV mode file transfers.
Mostly this tool will be helpful for white hat security testers to test how to secure existing ftp setup, or, you can say that some one from the inside needs to gather some information hmm?
Requirements:
Winpcap Drivers v2.02
Download FTPXEROX here
Related External Links
ftpxerox download
You must log in to post a comment.