Good evening friends. “PCMan’s FTP Server is a free software mainly designed for beginners not familiar with computer, hoping that it can make setting up a basic FTP server very easily. Functionality and security are not the major concern. Usability, however, is the most important concern” according to their makers. However version 0.7 of this software has a Buffer Overflow vulnerability for which exploit has been released by Metasploit. First of all, we need to perform enumeration to find services in our targets. To know more about enumeration, read this. Now let’s see Hacking PCMAN FTP Server with Metasploit.
Start Metasploit and load the exploit. as shown below.
Set the IP address of our target as shown below. Check the payloads by typing command “show payloads”.
Choose any payload you require. I am choosing the meterpreter payload. Check if our target is vulnerable using the “check” command.
Next execute our exploit by typing command “run”. You will successfully get the meterpreter session on the target. The only downfall with this exploit is it is only working on Windows XP. Happy hacking.