Introduction
Apt install aptitude curl cmake build-essential mailutils python-dev python-pip libusb-1.0-0-dev python-numpy htop ftp locate screen kismet pure-ftpd tigervnc-standalone-server tmux default-mysql-server darkstat ntopng mana-toolkit beef-xss resolvconf mitmf dnsmasq hostapd. Hosting an FTP server on Kali can be achieved with the Pure-FTPd FTP server software. The Bash script below can be used to download and install the Pure-FTPd software and configure it with an FTP user with the username “ftp”, the password “password” and a /root/how-to/ directory as the FTP root.
- Get my OWASP course with 90% discount on Udemy.Use coupon code: HACKYTDis a demo.
- In this tutorial we describe how to install a better solution than tftp server with FTP protocol, using pure-ftp and centos 7. Tasks: – scheduled backup of running-config file on remote FTP server – automatic snapshot at every write memory command. Steps: – pure-ftp installation – Cisco device configuration.
Pure Ftpd Config
If we are going to penetrate victim computers (in the test lab) and establish communication to and from those clients so that we may execute commands and transfer files we will need some network services like SSH and FTP.
SSH
SSH or secure shell allows you to open a secure terminal connection to a remote host, or simply to login to a remote computer in order to execute commands. This is done through a client server model where a SSH client connects to a SSH server. This type of connection is typically used to securely exchange encrypted data with a remote host, with the data being commands but can even be files using SFTP and SCP which utilize the SSH protocol. SSH was developed to replace non secure remote connection protocols like rlogin, telnet and rsh. SSH typically runs on port 22. SSH should be installed by default in BackTrack.
Manual pages on SSH and the SSHDaemon
#man ssh
#man sshd
Generate the secure keys for the host service
#sshd-generate
or
#ssh-keygen
Start the SSH server using the scripts in the init.d directory
#/etc/init.d/ssh start
Check to see if SSH is listening on Port 22
#netstat -antp
Since you are now running an SSH server, you could download PuTTY to your Windows client and SSH into your BackTrack machine. Try this, was it successful? If not, where might the block be? Are you VPN’d? Are there any firewalls on the client or on an intermediary network device?
Stop the SSH server using the scripts in the init.d directory
#/etc/init.d/ssh stop
Pure-ftpd Metasploit
If you want instructions on how to install SSHD in Ubuntu go here.
HTTPD (Apache)
Apache webserver is the most widely used webserver on the internet. From a network penetration perspective a webserver could be used an exploitation tool serving up malicious files and scripts that will execute against a victims browser and computer. It could also be used as a way of transferring files to a victim machine once access has already been accomplished. Webservers by their very public nature are great way for a hacker getting information or reconnaissance about a company or target. Apache webserver is usually run on port 80.
Start the Apache2 server using the scripts in the init.d directory
#/etc/init.d/apache2 start
Verify if Apache is listening on Port 80
#netstat -antp
Your server’s accessible web directory is located in /var/www/ and is where you would put your webpages.
If you want instructions on how to install HTTPD Apache in Ubuntu go here.
FTPD
FTP or file transfer protocol is a protocol that allows you to transfer files to and from a remote machine. BackTrack has pure-FTPd installed by default. FTP operates on port 21 and transfers files on port 20.
The steps to setting up pure-FTPd:
Installation (pure-ftpd is installed by default in BackTrack but in case you are using another Linux distribution)
#apt-get install pure-ftpd
#yum install pure-ftpd
Configuration to add a FTP user and setup an FTP directory
#groupadd ftpgroup
#useradd -g ftpgroup -d /dev/null -s /etc ftpuser
#pure-pw useradd <your ftp username> -u ftpuser -d /home/ftp/pub/<your ftp username>
You will be prompted to input a password twice
#pure-pw mkdb
#cd /etc/pure-ftpd/auth
#ln -s ../conf/PureDB 60pdb
#mkdir /home/ftp
#mkdir /home/ftp/pub
#mkdir /home/ftp/pub/<your ftp username>
#chown -R ftpuser:ftpgroup /home/ftp/pub/<your ftp username>
#/etc/init.d/pure-ftpd restart
Test you install of Pure-FTPd by FTPing to your loopback ip address
#ftp 127.0.0.1
key in your <ftp username>
key in your <ftp password>