Scan the network 1 (WS_FTP and Windows Pocket CE Hack) – RF-eXploring

In this post you’ll see how easy it is to get sometimes a valid UID and password or a shell with the help of Google or Shodan. It is a liitle article you will maybe get some fun if you don’t already know this… Google and Shodan can help you to find anything if you tell them to do so. To hack if you are lucky to find a WS_FTP based site you just have to type on Google :

inurl:ws_ftp.ini “[WS_FTP]” filetype:ini

No you’re on a page containing host(s), an UID (the login) and PWD=1234…AD89.
We see that password are encoded but it’s easy to find go to any ws_ftp password decrypter available on the net like this.
Now you have all you want to connect ftp you have host, UID and password you just have to open a shell and type

# ftp [HOST ADDRESS OR IP] you will be asked for the UID you found on google and the password decoded if you are lucky you have hacked the remote ftp type help in first to know if you have upload command if there is a http server you now have to upload a php payload to the site with metasploit you will be able to have a remote shell…

Another pretty cool tool is shodan you think it’s hard to have a remote shell without autorisation you are wrong it’s easy to do you just have to use telnet and shodan site
Type on shodan :

WindowsCE Pocket CMD v 5.0

Now in a shell :

# telnet [IP fOUND ON SHODAN]

that’s all you have a remote shell.