Script ftp-anon

Script types: portrule
Categories: default, auth, safe
Download: https://svn.nmap.org/nmap/scripts/ftp-anon.nse

Script Summary

Checks if an FTP server allows anonymous logins.

If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files.

See also:

Script Arguments

ftp-anon.maxlist

The maximum number of files to return in the directory listing. By default it is 20, or unlimited if verbosity is enabled. Use a negative number to disable the limit, or 0 to disable the listing entirely.

Example Usage

nmap -sV -sC <target>

Script Output

PORT   STATE SERVICE
21/tcp open  ftp
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
| -rw-r--r--   1 1170     924            31 Mar 28  2001 .banner
| d--x--x--x   2 root     root         1024 Jan 14  2002 bin
| d--x--x--x   2 root     root         1024 Aug 10  1999 etc
| drwxr-srwt   2 1170     924          2048 Jul 19 18:48 incoming [NSE: writeable]
| d--x--x--x   2 root     root         1024 Jan 14  2002 lib
| drwxr-sr-x   2 1170     924          1024 Aug  5  2004 pub
|_Only 6 shown. Use --script-args ftp-anon.maxlist=-1 to see all.

Requires


Authors:

  • Eddie Bell
  • Rob Nicholls
  • Ange Gutek
  • David Fifield

License: Same as Nmap--See https://nmap.org/book/man-legal.html

action

action (host, port)

Connects to the FTP server and checks if the server allows anonymous logins.

Parameters

host
 
port