Python: Penetration Testing for Developers
by Christopher Duffy, Mohit, Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound
Creating an FTP C2
This script is a quick and dirty file-theft tool. It runs in a straight line up the directories, nabbing everything it comes into contact with. It then exports these to an FTP directory that it's pointed at. In situations where you can drop a file and want to quickly get the contents of the server, this is ideal as a starting point.
We will create a script that connects to an FTP, grabs the files in the current directory, and exports them to the FTP. It then jumps up into the next directory and repeats. When it encounters two directory listings that are the same (that is, it has hit the root), it stops.
Getting Started
For this, you will need a functioning FTP server. I'm using vsftpd, but you may use whatever you please. You'll ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access