Once upon a time I had a FTP website. It’s been long gone for a while now because I basically didn’t want to pay for the domain name when it really wasn’t being used.

But anyways, here is the FTP server scanning tutorial that I originally drafted for my old forums:

FTP Scanning Tutorial, by Darkfoxx

Step 1:

You’ll need these three tools:

- FlashFXP

- Grim’s Ping

- Ping Companion

If you’re lazy and want to skip Step 2, just download this ini file and throw it into your Ping directory and let it overwrite the original. I do recommend that you go through Step 2 to learn something…

Step 2:

Install and open up Ping and the Preferences window will come up on your first run.

Click the Pub Find tab.

In the General sub-tab, set threads to 130 and timeout at 10.

Click the Logging sub-tab and set it according to this pic:

Now, click the top Permissions tab and fill out the General sub-tab according to this pic:

However, instead of adding each folder, just download and paste this list into ping.ini:

http://www.fx-webdesign.com/spf/tuts/pingdirs.txt

- Click here to see how -

Click the Logging sub-tab thread and fill it out according to this pic:

Save those settings.

Now we are ready to start scanning! Don’t worry about the Companion download just yet.

Step 3:

Now we need to find some IP’s to scan. A good place to find public FTP’s are at webhosts.

Use a webhost directory such as http://www.webhostdir.com or any webmaster forum that lists webhosts.

Find a host and copy the address, without the www.

Like so: hostmysite.com

Now, go into Ping and click Tools -> Single Host Lookup.

Paste the address into the box and click Lookup. The IP address will be given to you. Copy it. Hit Close.

Now, click “Paste IP” on the main interface. Paste the IP address into the box and click OK.

The “Add Item to Queue” window will come up.

Click “Add to Queue”.

Now the fun begins!

Step 4:

So now you’ve got an IP range in the queue and you’re ready to scan.

Click the green light button to start!

When the scan is complete, you’ll see this:

This is a bad scan…all private servers.

So, find another server and give it a go.

A good scan will look like this:

The program will show the server OS when the server is a “good” server, and increment the “Servers found” number. You would then post the address here in the FTP List forum.

So that covers FTP scanning! It’s a very tedious process, but you may get lucky and find some good servers.

About the Companion download: I only use two files in it for testing a servers upload/download permissions. They are called 1kbtest.ptf and 1mbtest.ptf. These are 1 KB and 1 MB files that you can use to test a server.

When you find a “good” server, use one of these files to upload and download to check to see if you can do so.

Addendum:

If you aren’t getting any results at all (all “request timed out”)…

Download this: http://www.fx-webdesign.com/spf/tuts/EvID4226Patch223d-en.rar

Run the exe. It will ask “do you want to change the number of half open connections to 50?”

Type “C”. Enter 255. Hit enter. Then let it patch and hit any key when it tells you to. Reboot your PC.

This is only necessary if you are using XP SP2. In SP2, a certain type of connection is limited to 10….and that greatly hinders FTP scanning…because you need 255 total connections open.

Also, make sure you run a firewall or virus software because by opening up your half-open connections you are making it easier for someone to load a virus onto your pc.

Don’t ask me if you can do this in Vista or not. I honestly don’t know and I don’t care.