Linux - pure-ftpd

pure-ftpd - Secure and efficient FTP server.

Platform: Linux kali 3.14-kali1-686-pae #1 SMP Debian 3.14.5-1kali1

Install pure-ftpd

root:~ /# apt-get install pure-ftpd

Permissions

Create a group and a user for ftp access.

Create a ftp user, and give him a password.

Set FTP root directory permissions.

root:~ /# groupadd ftp
root:~ /# useradd -g ftp -d /dev/null -s /etc ftp
root:~ /# mkdir /var/ftproot
root:~ /# pure-pw useradd ftp -u ftp -g ftp -d /var/ftproot/
Password:
Enter it again:
root:~ /# pure-pw mkdb
root:~ /# pure-pw list
ftp                 /var/ftproot/./
root:~ /# pure-pw show ftp

Login              : ftp
Password           : $1$0k4WWhr0$6oFQbM9s9WRHDQH.hVtlk0
UID                : 1000 (ftp)
GID                : 1002 (ftp)
Directory          : /var/ftproot/./
Full name          :
Download bandwidth : 0 Kb (unlimited)
Upload   bandwidth : 0 Kb (unlimited)
Max files          : 0 (unlimited)
Max size           : 0 Mb (unlimited)
Ratio              : 0:0 (unlimited:unlimited)
Allowed local  IPs :
Denied  local  IPs :
Allowed client IPs :
Denied  client IPs :
Time restrictions  : 0000-0000 (unlimited)
Max sim sessions   : 0 (unlimited)

root:~ /# ln -s /etc/pure-ftpd/pureftpd.passwd /etc/pure-ftpd.passwd
root:~ /# ln -s /etc/pure-ftpd/pureftpd.pdb /etc/pureftpd.pdb
root:~ /# ln -s /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/PureDB
root:~ /# chown -R ftp:ftp /var/ftproot/

Start Ftp Server

root:~ /# service pure-ftpd start
Starting ftp server: Running: /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb -l pam -l puredb:/etc/pure-ftpd/pureftpd.pdb -8 UTF-8 -E -u 1000 -O clf:/var/log/pure-ftpd/transfer.log -B
root:~ /# ss -ant
State      Recv-Q Send-Q                                                                                      Local Address:Port                                                                                        Peer Address:Port
LISTEN     0      9                                                                                                      :::21                                                                                                    :::*
LISTEN     0      9                                                                                                       *:21

Connect to FTP Server

root:~ /# ftp
ftp> open 127.0.0.1 21
Connected to 127.0.0.1.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 22:26. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
Name (127.0.0.1:root): ftp
331 User ftp OK. Password required
Password:
230 OK. Current directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Connecting to port 36495
-rw-r--r--    1 0          0                  22 Jul  9 22:27 README.md
226-Options: -l
226 1 matches total
ftp> quit
221-Goodbye. You uploaded 0 and downloaded 0 kbytes.
221 Logout.

Crack FTP User Password

Crack pure-ftpd hash with john the ripper.

root:~ /# cat hash.txt
ftp:$1$0k4WWhr0$6oFQbM9s9WRHDQH.hVtlk0:::::
root:~ /# john --single  hash.txt
Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x])
ftp              (ftp)
guesses: 1  time: 0:00:00:00 DONE (Thu Jul  9 22:33:43 2015)  c/s: 85.71  trying: ftp - ftP
Use the "--show" option to display all of the cracked passwords reliably
root:~ /# john --show  hash.txt
ftp:ftp:::::

1 password hash cracked, 0 left

References

Installing Pure-FTPD - http://www.fuzzysecurity.com/tutorials/1.html