Script ftp-bounce

Script types: portrule
Categories: default, safe
Download: https://svn.nmap.org/nmap/scripts/ftp-bounce.nse

Script Summary

Checks to see if an FTP server allows port scanning using the FTP bounce method.

Script Arguments

ftp-bounce.password

Password to log in with. Default IEUser@.

ftp-bounce.username

Username to log in with. Default anonymous.

ftp-bounce.checkhost

Host to try connecting to with the PORT command. Default: scanme.nmap.org

Example Usage

nmap -sV -sC <target>

Script Output

PORT   STATE SERVICE
21/tcp open  ftp
|_ftp-bounce: bounce working!

PORT   STATE SERVICE
21/tcp open  ftp
|_ftp-bounce: server forbids bouncing to low ports <1025

Requires

• nmap
• shortport
• stdnse
• string
• ftp

---

Author:

• Marek Majkowski

License: Same as Nmap--See https://nmap.org/book/man-legal.html