In the remote management panel there is a console written in the LUA language, which can be exploited to execute commands in the Operating System through the os.execute() function native to lua.īelow is a remote command execution PoC through the lua console to obtain a reverse shell on the target machine. The C:\Program Files (x86)Wing FTP Server_ADMINISTRATOR\admins.xml file stores the admin credentials by saving the password in an md5 hash, which can be easily deciphered, as shown in the image below: When accessing the Wing FTP Server remote management panel, the credentials are transmitted in clear, as shown in the image below:Īnother vulnerability found is the unprotected storage of the application's admin credentials. You can also monitor server performance and online sessions and even receive email notifications about various events taking place on the server. And it provides admins with a web-based interface to administrate the server from anywhere. It supports multiple file transfer protocols, including FTP, FTPS, HTTP, HTTPS, and SFTP, giving your clients flexibility in how they connect to the server. Wing FTP Server is an easy-to-use, powerful, and free FTP server software for Windows, Linux, Mac OS, and Solaris. Multiple vulnerability was founded on Wing FTP Server 6.3.8: This PoC explain how to exploit Wing FTP Server 6.3.8 to get Remote Code Execution You can also schedule tasks that need to be performed at specific time.Wing FTP Server 6.3.8 - Remote Code Execution The download and upload speeds can be checked to ensure fast data transfer facility. Information about sessions shows the users that have logged in and the amount of data they have shared during particular time period. It displays information about all users and the file transfers that have taken place. You can effectively monitor the use of servers and collect necessary information about connected users. Wing FTP Server offers advanced monitoring capabilities. You can disconnect all clients immediately, wait for them to disconnect or wait until they terminate the transfer process. ![]() When you choose to close a domain, a prompt message asks you to choose suitable option. The status of domain shows its availability and you can close or open it through respective buttons. You can also delete any domain whenever needed. You can create a domain by entering a personalized name and port addresses for required network protocols. The software homepage displays the list of created domains along with their ID, name, connections and status. The software lets you define domains where servers can be hosted. ![]() It supports multiple file transfer protocols, including FTP, HTTP, FTPS, HTTPS and SFTP, giving your end-users flexibility in how they connect to the. You can use these when sharing eBooks, movies, songs or other less important data. Wing FTP Server Corporate 6.6.3 Multilingual 14.2 Mb Wing FTP Server is a highly functional, easy-to-use and secure FTP Server solution that can be used in Windows, Linux, Mac OSX and Solaris. However, if you want to share data that does not need to be well-protected then you can make use of FTP and HTTP protocols. The files are encrypted before being transmitted over network in order to prohibit harmful use of data. These network protocols are preferred for sharing confidential data such as important files related to your organization, bank statements and documents having personal information. For this purpose, it provides support for FTPS, HTTPS and SFTP protocols. Wing FTP Server enables users to share data in secure manner. You can also visit Domain section where all activities are listed and network management is possible. Server section contains information about server status, server log and license. ![]() Under administration section you can access console screen, manage user accounts, check admin log details and adjust settings. The software possesses a simple GUI with multiple options. It is an enterprise solution with lots of features. It is available in multiple languages such as English, Dutch, Italian, Romanian, French, Spanish, Czech and Turkish. It is used by network administrators to monitor web based data transfer facility for clients. It supports multiple file transfer protocols, including FTP, HTTP, FTPS, HTTPS and SFTP, giving your end-users flexibility in how they connect to the server. It is a paid tool whose license should be purchased for long term use, but unregistered version can be used free for 30 days. File size: 13 MB Wing FTP Server is a highly functional, easy-to-use and secure FTP Server solution that can be used in Windows. The software is compatible with Windows, Mac OS X, Solaris and Linux operating system and can be used easily due to its traditional interface. You may have to register before you can post: click the register link above to proceed. Wing FTP Server 6 is a smart application that lets you manage file sharing via servers. Today's Posts Mark Channels Read Member List Calendar Forum Varie Exploit If this is your first visit, be sure to check out the FAQ by clicking the link above.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |