Vulnerability & Exploit Database

Back to search

Titan FTP Administrative Password Disclosure

On Titan FTP servers prior to version 9.14.1628, an attacker can retrieve the username and password for the administrative XML-RPC interface, which listens on TCP Port 31001 by default, by sending an XML request containing bogus authentication information. After sending this request, the server responds with the legitimate username and password for the service. With this information, an attacker has complete control over the FTP service, which includes the ability to add and remove FTP users, as well as add, remove, and modify available directories and their permissions.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

auxiliary/scanner/http/titan_ftp_admin_pwd

Authors

  • Spencer McIntyre

References

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/scanner/http/titan_ftp_admin_pwd msf auxiliary(titan_ftp_admin_pwd) > show actions ...actions... msf auxiliary(titan_ftp_admin_pwd) > set ACTION <action-name> msf auxiliary(titan_ftp_admin_pwd) > show options ...show and set options... msf auxiliary(titan_ftp_admin_pwd) > run