GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → turbo → Openftp4

turbo / Openftp4

Licence: mit
A list of all FTP servers in IPv4 that allow anonymous logins.

Labels

ftpweb-security

Projects that are alternatives of or similar to Openftp4

Basic Ftp
FTP client for Node.js, supports FTPS over TLS, passive mode over IPv6, async/await, and Typescript.
Stars: ✭ 441 (-30.44%)
Mutual labels:  ftp
Ftp Deployment
A tool for automated deployment of web applications to an FTP server.
Stars: ✭ 527 (-16.88%)
Mutual labels:  ftp
Favfreak
Making Favicon.ico based Recon Great again !
Stars: ✭ 564 (-11.04%)
Mutual labels:  web-security
Curl
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP. libcurl offers a myriad of powerful features
Stars: ✭ 22,875 (+3508.04%)
Mutual labels:  ftp
Raidrive.translation
RaiDrive Translation
Stars: ✭ 518 (-18.3%)
Mutual labels:  ftp
Twa
A tiny web auditor with strong opinions.
Stars: ✭ 549 (-13.41%)
Mutual labels:  web-security
Pure Ftpd
Pure FTP server
Stars: ✭ 395 (-37.7%)
Mutual labels:  ftp
Articles Translator
📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (-4.42%)
Mutual labels:  web-security
Githacker
🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind
Stars: ✭ 524 (-17.35%)
Mutual labels:  web-security
Git Ftp
Uses Git to upload only changed files to FTP servers.
Stars: ✭ 5,104 (+705.05%)
Mutual labels:  ftp
Filestash
🦄 A modern web client for SFTP, S3, FTP, WebDAV, Git, Minio, LDAP, CalDAV, CardDAV, Mysql, Backblaze, ...
Stars: ✭ 5,231 (+725.08%)
Mutual labels:  ftp
Php Docker Boilerplate
🍲 PHP Docker Boilerplate for Symfony, Wordpress, Joomla or any other PHP Project (NGINX, Apache HTTPd, PHP-FPM, MySQL, Solr, Elasticsearch, Redis, FTP)
Stars: ✭ 503 (-20.66%)
Mutual labels:  ftp
Remote Ftp
FTP/FTPS/SFTP client for Atom.io
Stars: ✭ 549 (-13.41%)
Mutual labels:  ftp
Node Libcurl
libcurl bindings for Node.js
Stars: ✭ 447 (-29.5%)
Mutual labels:  ftp
Kodexplorer
A web based file manager,web IDE / browser based code editor
Stars: ✭ 5,490 (+765.93%)
Mutual labels:  ftp
Burpa
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-32.65%)
Mutual labels:  web-security
Aria2
aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.
Stars: ✭ 25,001 (+3843.38%)
Mutual labels:  ftp
Docker Pure Ftpd
Docker Pure-ftpd Server
Stars: ✭ 630 (-0.63%)
Mutual labels:  ftp
Corscanner
Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (-5.21%)
Mutual labels:  web-security
Pyexfil
A Python Package for Data Exfiltration
Stars: ✭ 554 (-12.62%)
Mutual labels:  ftp
View All Similar Projects ➔

openftp4

This is a list of all FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins. The login must be completed in less than 15 seconds to qualify for this list.

How and why this list was created is documented in detail in my blog post Mass-analyzing a chunk of the Internet. You can do whatever you want with this data. Consider linking to this repo if you find something interesting or odd.

The last scan contains 796,268 servers that allow anonymous access. This is 4.31486 % of the 18,454,087 services running on port 21 in IPv4.

Usage

  1. Decompress the file
gzip -d openftp4.txt.gz
  1. Hack away

Format

The data follows this loose format:

ip|timestamp|banner
  • ip is the IPv4 address (^([0-9.]+)\|).
  • timestamp is the unix timestamp of the exchange with that server (^+?\|(\d+)\|).
  • banner is everything after the second | and includes the full initial banner, every response code and the full login exchange (\|\d+\|(.+)$).

Just a hint: If you are going to interact in any way with these servers, consider piping the list through shuf each time you try something new so you don't hit the same server(s) over and over again. Also, don't sort the list before rescanning, because you will encounter IP slashes that belong to one network. Think about what it looks like from their perspective ;-).

If you want to be extra nice, provide your actual email address (or one you have access to) as the password (blog post for details), so server admins can contact you.

Donate

It costs $2 per week to keep the scan running. If you want to throw some money our way (for cookies and stuff), please do so at 14MzwUsRfZTygggU39LECLvamDwFpa2Vjj.

Discussion

In the Wild

Applications that use this dataset:

  • FTPeek tries to find interesting things and sends you a newsletter.

Exclusion

(This doesn't concern FTP servers that are public by design.)

Read the blog post to learn how servers are excluded from this list. This list might be updated in the future. If you want to see your IP excluded from the list should it ever be updated, then consider fixing your stuff.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].