It is circulated online that it can be implemented using the MSWinsock control, which is not good. Because this is a third-party component, haha, the probability is quite small. Since you want to kill someone to silence him, hehe, you must use a set of methods of killing.
Serv-U server management uses the FTP protocol, so we should study the FTP protocol first.
Normal FTP protocol authentication process:
220 Serv-U FTP Server v5.2 for WinSock ready...
user lake2
331 User name okay, need password.
pass lake2lake2
230 User logged in, proceed.
……
Now I'm messing around:
220 Serv-U FTP Server v5.2 for WinSock ready...
Hi, I'm Bill Gates!
530 Not logged in.
Open!
530 Not logged in.
I am hacker !
530 Not logged in.
Give you money
530 Not logged in.
user lake2
331 User name okay, need password.
pass lake2lake2
230 User logged in, proceed.
……
Note that if the expected data is not user XXX, Serv-U will return an error message and wait for the correct login command. What does it mean? Haha, it implies that we are going to succeed.
Recently, there are many XMLHTTP components used. The built-in component of this system is to use the HTTP protocol to send and receive data. We will use this component to achieve Serv-U raising of authority. The question now is how do we send the FTP protocol through the HTTP protocol?
Hehe, haven't you seen the results of my hard-working test just now? As long as you use POST to submit data, the content of POST is an FTP command, because the previous HTTP message header will be ignored by the command that Serv-U considers to be an illegal one, and the content of POST, namely the FTP command, will be accepted and executed!
Due to the characteristics of XMLHTTP and Serv-U, there are a series of problems: XMLHTTP does not have a timeout setting, and the HTTP message header that cannot wait for the server to respond will be suspended all the time; XMLHTTP is a single user and multiplexed Socket, and there are only 2 or 4 connections to the same target according to the HTTP protocol version, so after executing once (or twice) to add domains and delete domains, you cannot connect again; the pseudo FTP protocol used in the management mode of Serv-U, that is, the QUIT command is not recognized, resulting in the connection being unable to be disconnected (using ServerXMLHTTP can solve these problems well, but it is limited to XP, and it is not possible on 2000/2003, which is depressed).
So there is only one compromise method to solve the above problems:
1. Add the FTP user first in XMLHTTP;
2. Log in to FTP by yourself and use a new account to execute N multiple commands to increase authority;
3. XMLHTTP deletes new users
You must remember that because the connection cannot be disconnected, you only have one or two chances to perform the above steps! If you want to come back, haha, wait for IIS or FTP to restart.
Fortunately, I have also written a program that uses an FTP account with execution permissions to execute commands, which makes step 2 much more convenient. Download the program here:http://xiazai./tools/hacktools/
The complete ASP code is downloaded here:http://xiazai./tools/hacktools/
The ASP program will add a user with the username lake password admin123 execution permission on port 21. If there are any special circumstances (such as the ftp port is not 21), change the code yourself.
Learn from one example and it seems that you can use asp to access FTP in specific situations to do something, but that's your business.
Get rid of the group and leave the job, enjoy it!
Serv-U server management uses the FTP protocol, so we should study the FTP protocol first.
Normal FTP protocol authentication process:
220 Serv-U FTP Server v5.2 for WinSock ready...
user lake2
331 User name okay, need password.
pass lake2lake2
230 User logged in, proceed.
……
Now I'm messing around:
220 Serv-U FTP Server v5.2 for WinSock ready...
Hi, I'm Bill Gates!
530 Not logged in.
Open!
530 Not logged in.
I am hacker !
530 Not logged in.
Give you money
530 Not logged in.
user lake2
331 User name okay, need password.
pass lake2lake2
230 User logged in, proceed.
……
Note that if the expected data is not user XXX, Serv-U will return an error message and wait for the correct login command. What does it mean? Haha, it implies that we are going to succeed.
Recently, there are many XMLHTTP components used. The built-in component of this system is to use the HTTP protocol to send and receive data. We will use this component to achieve Serv-U raising of authority. The question now is how do we send the FTP protocol through the HTTP protocol?
Hehe, haven't you seen the results of my hard-working test just now? As long as you use POST to submit data, the content of POST is an FTP command, because the previous HTTP message header will be ignored by the command that Serv-U considers to be an illegal one, and the content of POST, namely the FTP command, will be accepted and executed!
Due to the characteristics of XMLHTTP and Serv-U, there are a series of problems: XMLHTTP does not have a timeout setting, and the HTTP message header that cannot wait for the server to respond will be suspended all the time; XMLHTTP is a single user and multiplexed Socket, and there are only 2 or 4 connections to the same target according to the HTTP protocol version, so after executing once (or twice) to add domains and delete domains, you cannot connect again; the pseudo FTP protocol used in the management mode of Serv-U, that is, the QUIT command is not recognized, resulting in the connection being unable to be disconnected (using ServerXMLHTTP can solve these problems well, but it is limited to XP, and it is not possible on 2000/2003, which is depressed).
So there is only one compromise method to solve the above problems:
1. Add the FTP user first in XMLHTTP;
2. Log in to FTP by yourself and use a new account to execute N multiple commands to increase authority;
3. XMLHTTP deletes new users
You must remember that because the connection cannot be disconnected, you only have one or two chances to perform the above steps! If you want to come back, haha, wait for IIS or FTP to restart.
Fortunately, I have also written a program that uses an FTP account with execution permissions to execute commands, which makes step 2 much more convenient. Download the program here:http://xiazai./tools/hacktools/
The complete ASP code is downloaded here:http://xiazai./tools/hacktools/
The ASP program will add a user with the username lake password admin123 execution permission on port 21. If there are any special circumstances (such as the ftp port is not 21), change the code yourself.
Learn from one example and it seems that you can use asp to access FTP in specific situations to do something, but that's your business.
Get rid of the group and leave the job, enjoy it!