ChunLi has asked for the wisdom of the Perl Monks concerning the following question:

Hi all. I am looking for a perl script that can scan a block of IP address for ftp servers that allow public access. When it finds them, it can log in as guest and retrieve a listing of the the files that are there. Is there something like that out there? Is this a bad idea, and if so why? Thoughts, ideas? I appreaciate any advice.

Replies are listed 'Best First'.
Re: A perl version of Archie?
by Corion (Patriarch) on Oct 07, 2002 at 17:54 UTC

    First, I don't really see why you would want to scan a block of IP addresses for "open" ftp servers that allow public access, as either you are allowed to access that server and have been told so by the administrator or you aren't and therefore shouldn't.

    It is a bad idea as the automatic retrieval of all files stored on that server will cause a bandwidth and IO hit to that server, as you recursively descend through all directories and query their contents - something that is not nice if you're doing it uninvited and just for your personal access.

    Thirdly, there are already existing solutions, like http://ftpsearch.lycos.com, that do what you want for sites where the administrator has agreed to have them scanned.

    If you still think that scanning an ftp server is a necessary thing, the only thing you will need is Net::FTP, which is an automated ftp client. With it, it's easy to query a ftp server. You will have to parse the output of the ftp server to determine which entry is a directory and which entry is a file.

    There is no effective and easy method to find open ftp servers without trying to connect to each IP address in the given range and waiting whether it times out or not.

    Please note that even the act of connecting to a system and not heeding the message you get when you connect might get you in trouble.

    perl -MHTTP::Daemon -MHTTP::Response -MLWP::Simple -e ' ;    # The  
$d = new HTTP::Daemon and fork and getprint $d->url and exit;#spider
($c = $d->accept())->get_request(); $c->send_response( new   #in the
HTTP::Response(200,$_,$_,qq(Just another Perl hacker\n))); ' #  web

    [download]
[reply]
[d/l]
Re: A perl version of Archie?
by Mr. Muskrat (Canon) on Oct 07, 2002 at 20:27 UTC

    Can it be done? Yes. Will I help you do it? No.

    I started to explain why this is A Very Bad ThingTM. Then I read my preview and saw that I had given some pretty good tips on how to do it. This reply had started to look like a tuturial on how to find vulnerable systems. So instead of hitting submit, I hit back. And started fresh.

    Update: Reversed order of paragraphs.

[reply]

Back to Seekers of Perl Wisdom