[unisog] RE: Port 33

Doug Payne dwpayne at ist.uwaterloo.ca
Tue Jun 3 20:50:56 GMT 2003


Steve Bernard wrote:

> I should have mentioned that I don't currently have physical access to the
> box. I will of course do a lower level inspection when I can. Attempts to
> connect to port 33 via other protocols (FTP, HTTP, SMTP), did not produce
> any results. As the telnet message indicates, "Not Loged in". There's
> obviously some method of authenticating or otherwise accessing the service.
> That's what I was hoping someone else would be able to provide ;)

Try typing HELP after the 220 prompt. An FTP server, even a rogue one, 
will often display something like (from an actual example of a rogue on 
a compromised system here):

214- The following commands are recognized (* => unimplemented).
    USER    PORT    RETR    ALLO    DELE    SITE    XMKD    CDUP
    PASS    PASV    STOR    REST    CWD     STAT    RMD     XCUP
    ACCT    TYPE    APPE    RNFR    XCWD    HELP    XRMD    STOU
    REIN    STRU    SMNT    RNTO    LIST    NOOP    PWD     SIZE
    QUIT    MODE    SYST    ABOR    NLST    MKD     XPWD    MDTM
214 ask god

Other servers such as SMTP have their own responses to HELP.



More information about the unisog mailing list