The Cracking part

Sometimes you'll find ftp-servers which you really want to have access to. But...there is a password on it. I hear you screaming: 'Oh, no!!!'. Well actually this isn't a that big problem. You just have to work a little bit harder for your files.
We can always crack ourself a way into those servers. But REMEMBER!!! This is ILLEGAL!!! But i'll just imagine you guys always follow the rules and will never ever try this out in real and are just reading this you've got nothing else to do.

So what am i gonna teach you in this post? Well...

• Running a simple wordlist made by me for just checking
• Seeking for vulnerabilities and using exploits
  
• Using wordlists
• Bruteforceing (i do not recommend this)

RUNNING A WORDLIST
First of we're gonna try a simple wordlist for just checking whether the site made a just simple to guess password for the server. Cuz, why should we try a full dictionary when the password is just ftp which is of course in my password list.
We call the trying of words in the password form a dictionary attack. We can of course try all the passwords by hand, but this would cost to much time and physical activity. Instead we use software. You might want to try out the following apps:

Windows
-Hydra
-Brutus
Linux
-XSCAN 2.3
-Hydra

So now, depending on the software, you chose for dictionary attack and select a wordlist. And if your bruteforcer enables the feature to select a userlist, just chose the passlist as well. The list isn't that long and all users are included in the list so... Now press run and there you go!

Now where can you get this passlist then?
Here it is. Just copy the text into you texteditor and save it as passlist.txt.

passlist.txt
---------------------------------------------------
admin
guest
anonymous
ftp
FTP
ADMIN
ADMINISTRATOR
ROOT
root
r00t
GUEST
000
0000
password
blanc
blank
_blanc
_blank
pass
pas
user
test
test1
test2
test3
test
test4
ren
iown
god
hack
hackme
youdontknow
music
mp3
mp4
movies
download
downloadftp
avi
films
film
movie
cinema
server
ftp-server
ftpserver
net
netwroking
networking
hack
hacker
clear
cls
owner
---------------------------------------------------------------------------

Now of course you can also make one yourself or search for word lists. Such as dictionaries. Just go to google and type in ext:txt dictionary and you get some wordlists. You can of course also look in webpages itself. Now we're not gonna try out every wordlist we can find right? Now we should search depending on your target. Is it a ftp server for friends with an mostly easy to guess password use mine, but if it is an ftp server about games search for a list of games or game characters. When the server is about movies search for lists which consist of movies. I could go on for years.

Another thing to do is using an exploit. To use an exploit you first have to know which service or software is running on the ftp server. To do this we can scan the target with NMAP. We know the ftp port usually is 21 so we scan the ports 1 till 100. We do this by typing in nmap -p1-100 targetsip. But now we don't have the service so we just type in nmap targetsip.
You now should get a list of ports and the services running on it. For example:
21 FTP ProFTPd *.*.*.
What we could also do is reading the header message when we connect to the FTP server by the bouldin FTP software on UNIX and Windows computers. Go to the commandprompt and type in 'ftp target'. You now get an ftp header message for example:
welcome to ProFTPd *.*.*. 1 of 21 allowed blabla.
We now know that we have to do with PROFTPD and the version number.
Now we go to our best friend Google and type the service (ProFTPd) and the version number and exploit. So ProFTPd *.*.* exploit. Now you should get some exploits ready. Look for remote exploits which means 

List of FTP servers

Here it finally is: the list of FTP servers. I will try to update this list as frequently as possible. In this post i will use the lists from other websites and after that i am gonna add individual servers.


http://www.ftp-sites.org/
This website contains a large database of ftp servers which are accessible by everyone. There is a download link over there so you can download the database.
So if you want to download a movie you just download the file and in your texteditor you search for movies. In a matter of time you'll get your download server. Note: there are some dead links.

Now a fully edited list made personally by myself. I also checked them and i will type n.a. (which stands for not applicable) when it is a dead link.

Steady, steady.... ah here it is:
  1. ftp://ftp.freenet.de/pub/filepilot/        SOFTWARE       
 
  2. ftp://193.43.36.131/Radio/MP3/            MUSIC           
 
  3. ftp://195.216.160.175/                N.A.       
 
  4. ftp://207.71.8.54:21/games/            GAMES
 
  5. ftp://194.44.214.3/pub/music/            MUSIC
 
  6. ftp://202.118.66.15/pub/books            EBOOKS
 
  7. ftp://129.241.210.42/pub/games/            GAMES
 
  8. ftp://clubmusic:clubmusic@217.172.16.3:8778/    MUSIC
 
  9. ftp://212.174.160.21/games            GAMES       
 
  10. ftp://ftp.uar.net/pub/e-books/            EBOOKS
 
  11. ftp://129.241.210.42/pub/games/            GAMES
 
  12. ftp://193.231.238.4/pub/                SOFTWARE
 
  13. ftp://207.71.8.54/games/                GAMES
 
  14. ftp://194.187.207.98/video/            VIDEO
 
  15. ftp://194.187.207.98/music/            MUSIC

  16. ftp://194.187.207.98/soft/            SOFTWARE

  17. ftp://194.187.207.98/games/            GAMES       
 
  18. ftp://ftp.uglan.ck.ua/           (OFFICIAL) GAMES,SOFTWARE,PICTURES,PERSONAL,VIDEOS
 
  19. ftp://159.153.197.74/pub                GAMES,GAMEMANUALS,GAMETRAILERS,VIDEOCONTENT
 
  20. ftp://leech:l33ch@61.145.123.141:5632/        N.A.
 
  21. ftp://psy:psy@ftp.cybersky.ru            N.A.
 
  22. ftp://130.89.175.1/pub/games/            GAMES
 
  23. ftp://194.44.214.3/pub/                EBOOKS,SOFTWARE,MUSIC,OS
 
  24. ftp://195.116.114.144:21/                N.A.               
 
  25. ftp://64.17.191.56:21/                VIDEO (MOVIES),SOFTWARE
 
  26. ftp://80.255.128.148:21/pub/            OS,SOFTWARE,VIDEO,MUSIC,GAMES,EBOOKS
 
  27. ftp://83.149.236.35:21/packages/            PASSNEEDED
 
  28. ftp://129.241.56.118/                N.A.
 
  29. ftp://81.198.60.10:21/                SOFTWARE
 
  30. ftp://128.10.252.10/pub/                WORDLISTS,OS,EBOOKS,SOFTWARE
 
  31. ftp://129.241.210.42/pub/                EBOOKS,GAMES,MUSIC
 
  32. ftp://137.189.4.14/pub                EBOOKS,OS,SOFTWARE
 
  33. ftp://139.174.2.36/pub/                SOFTWARE,OS
 
  34. ftp://147.178.1.101/
 
  35. ftp://156.17.62.99/
 
  36. ftp://159.153.197.74/pub/

  37. ftp://193.140.54.18/pub/

  38. ftp://192.67.63.35/
 
  39. ftp://166.70.161.34/
 
  40. ftp://195.161.112.15/musik/            MUSIC
 
  41. ftp://195.161.112.15/
 
  42. ftp://195.131.10.164/software            SOFTWARE
 
  43. ftp://195.146.65.20/pub/win/
 
  44. ftp://199.166.210.164/
 
  45. ftp://195.46.96.194/pub/
 
  46. ftp://61.136.76.236/
 
  47. ftp://61.154.14.248/
 
  48. ftp://62.210.158.81/
 
  49. ftp://62.232.57.61/
 
  50. ftp://212.122.1.85/pub/software/            SOFTWARE
 
  51. ftp://193.125.152.110/pub/.1/misc/sounds/mp3/murray/    SOFTWARE

What is FTP and how to use it

While this blog is pointed to already FTP-users, which want to explore the network more, i also want to make the common computer user familiar to FTP. So that's why i posted this post. To explain what FTP is.
I am gonna do this by copying fragments of larger articles which explain things about FTP. This way i don't have to type that much. And i think it is more synoptic for you guys as well.

What is FTP, and how do I use it to transfer files?

On this page:

* Overview
* How to use FTP
* Keeping track of files
* Anonymous FTP

source:http://kb.iu.edu/data/aerg.html

FTP Guides, Resources, and Tutorials
File Transfer Planet has the information you need to get informed and involved with your file transfers. If the guides below do not help, or if you have a specific question/problem we strongly recommend that you check out our Forums! Our staff and local experts will do their best to answer your question promptly.

source:http://www.filetransferplanet.com/ftp-guides-resources/

After reading all this information you must be an expert at FTP, so you can continue reading my next posts!


See you later,
Raseac_MI

Why this blog and what is FTP-snorring

Why this blog?

I made this blog for Ftp enthusiasts and people who would like to become one. In this blog I will post a list of ftp servers (very handy), tips and trics, ftp clients and more. I'll post just a little bit about setting up ftp servers, this because i don't own one myself. In the next post i'll put a tutorial about finding the location of ftp servers and then importing them to google earth or google maps. This way you have a nice overview of all ftp servers and their phisical location. Maybe, dear readers, can you guys mail all ftp servers you know to me so I can make a nice Google Earth file. I then will put this file on the internet so all of you guys can download it. 

What is FTP-snorring

Ftp snorring is the searching of FTP-servers and then mapping or registering them. And of cource then sharing them with other people. I hear you thinking:'But why should i ever need ftp servers?'. Well, that's an easy question. You know that ftp-servers are in fact just computers which share files and space on their harddrive.

This means that those servers share files, such as photos, music and movies! Of course you can just go to youtube and then listen to those music clips, but you want to download those files! You could go to some website or download software to download the audio clips, but this takes to long. FTP is just way easier and faster. You just ftp to the server, go to the directory MP3 and listen to the music just as if the files were on your own computer. And for the downloading part: just click on it and click on the save as button.

Comparing ftp to limewire or other peer2peer software, ftp is faster and you can directly listen to the music(instead of with limewire, where you first have to download the file and then listen to it)