   _________  SWAT MAGAZINE ISSUE THIRTY ONE JULY 2000   __________
  /         \___________________________________________/          \
 /                Installing FTP servers on remote hosts            \
/                         -=The Firestarter=-                        \
-----------------------------------------------------------------------

Arr well, this month when i've not been complaning to Network solutions
and i've finished r00ting ISP's and hosting companies all over the globe
i've been setting up FTP servers purely for the purpose of trading warez
with fellow SWAT members, well with Phreakazoid as well as testing out
a few things.

Ok so what i'm going to "teach" you all is how to set up and run a very
simple FTP server on a system, ok, fair's fair if u can 0wn an NT box
then chances are that you can set up an FTP server on the system without
me telling you how to do it. But what the hell, this'll prove to be handy
to some of you.

Of the FTP daemon that i use it Fictional FTP Daemon, purely because this
is the easiest one i've foind to work with and it also has a telnet client
built in, so u can not only tarde warez with your groupies you can also
telnet to your 0wned box and play around.

Ok first off download Fictional Deamon from: www.fictional.net its only
small (about 600k - 130k when compressed) and comes as only 1 file, this
makes it ideal to our cause.

Ok firstly your going to need a bit of information on the system that
you just hacked.

1) Where are you going to install the daemon
2) Where is the FTP root going to be

Well to answer question 1, i prefer to install them to c:\winnt\system32\fd
and question 2 depends on the system u cracked.

From personal experience a lot of NT systems that i crack have very large
drives in them, usually with about 7gig of free space, and 75% of the time
they only have a wwwroot directory and a cop of Exchangeserver installed on
it. But this can vary from system to system.

Ok, so what you need to do is find a directory on the system that has
something installed on it, for example, lets assuming that the DIR structure
is like this:
(this is my second HD)

 Volume in drive D has no label.
 Volume Serial Number is A4F7-0031

 Directory of D:\

29/06/2000  08:36              330,752 Advertbar.exe
28/06/2000  05:15       <DIR>          Documents and Settings
29/06/2000  08:47              535,800 FreeSMS.zip
29/06/2000  08:30       <DIR>          mirc
28/06/2000  16:00       <DIR>          Program Files
28/06/2000  17:28       <DIR>          warez
29/06/2000  22:49       <DIR>          WINNT
               3 File(s)        866,552 bytes
               5 Dir(s)     104,258,560 bytes free

Ok normally this kind of set up on a hacked box would be crap because of the lack
of space, so lets look at the C drive:

 Volume in drive C has no label.
 Volume Serial Number is 6847-FB6D

 Directory of C:\

08/07/2000  00:42            2,359,350 336modem.bmp
09/07/2000  01:44              158,831 336modem.jpg
04/07/2000  21:02       <DIR>          Anonymail
06/07/2000  17:19              151,578 Bag00n.bmp
01/07/2000  14:00       <DIR>          Documents and Settings
17/07/2000  16:19       <DIR>          Downloads
14/07/2000  02:47       <DIR>          FTP
18/07/2000  15:02       <DIR>          Geocities Site
12/07/2000  13:06              780,193 hostile-applets.zip
04/07/2000  00:22          771,438,094 image.nrg
02/07/2000  13:00       <DIR>          KPCMS
18/07/2000  15:25       <DIR>          Kribnet
09/07/2000  01:31               54,904 lcd.ttf
15/07/2000  01:23       <DIR>          mirc
19/07/2000  00:47       <DIR>          mp3s
13/07/2000  16:08                   84 notify.dat
10/07/2000  14:46       <DIR>          Odrive
03/07/2000  00:38       <DIR>          Perl
17/07/2000  20:12       <DIR>          Program Files
08/07/2000  00:11                5,962 sam._.txt
13/07/2000  16:07              118,669 shared.dat
11/07/2000  23:30       <DIR>          SWAT
11/07/2000  17:35       <DIR>          Swat31
17/07/2000  20:02               15,105 swateam.jpg
16/07/2000  12:53       <DIR>          TIB
04/07/2000  06:51       <DIR>          TweakUI
09/07/2000  23:57           21,600,054 untitled.bmp
18/07/2000  15:18       <DIR>          Warez
13/07/2000  17:11       <DIR>          WinAce
19/07/2000  00:48       <DIR>          WINNT
10/07/2000  22:23                    0 ~.~
              18 File(s)    796,884,620 bytes
              19 Dir(s)  12,101,787,648 bytes free

thats more like it, 12 gigs of free space, also lots of directories.
Best thing to do is to find a directory that isn't going to be used
very often, or atleast are not likely to be looked in.

Personally i find that the Winnt\system32 directory works well,
especially if you create another directory in there like 
c:\winnt\system32\systemp21 or something.

Ok so enough of the bullshit, the point of it all is that you need
a drive with lots of space (well you don't - but it helps) and
a directory that isn't going to be used.

Now you have the loverly task of setting up FD.exe on YOUR box,yes
there is a reason for this.

I like to create one account with full telnet, FTP and everything
else access and another account with just FTP access.

Ok this is the important(ish) bit.

1) Make sure that the home directory for your "super" user is c:\
   and can access and other drives, say for example your cracked
   server has 3 drives (c,d and e), add the dirs c:\ d:\ and e:\
   to the FTP server setup in Fictional Deamon, also allow full
   read/write access to those drives, if your box doesn't have
   3 drives then add them manually.

2) Make sure that the second "dumb" account only has read/write/
   whatever FTP access to c:\winnt\system32\systemp21 and set that
   as the home directory (failier to do so prevents that user from
   logging in).

Now save these settings and make sure that the ports are NOT default
i.e change FTP to port 100 and Telne tto port 101.

Now thats done, opoen fd.ini in notepad, it should look like this:

IPMASK=*.*.*.*
LOCKONSTART=False
RC_ENABLE=False
FTP_PORT= 101
TELNET_PORT= 100
PASV_PORT= 171
CONTIMEOUT=0
ALLOWANO=True
FTPDAEMON=True
SHOWSPLASH=True
SYSOPPAGER=False
LOCKCAD=False
STARTHIDDEN=False
SECHO=True
ICONTRAY=True
ASKUSR=Username: 
ASKPASS=Password: 
PAGERSOUND=C:\Downloads\daemon\pager.wav
CONNECTSOUND=C:\Downloads\daemon\connect.wav
LOGONSOUND=C:\Downloads\daemon\logon.wav
LOGOFFSOUND=C:\Downloads\daemon\logoff.wav
BADPASSSOUND=C:\Downloads\daemon\badpass.wav
SOUNDSON=False
LIMITUSER=100
LOGSIZEK= 50
PRIO=MED

A few of the options need to be edited:

STARTHIDDEN=False is changed to STARTHIDDEN=True
and ICONTRAY=True is changed to ICONTRAY=False

Why? well the start hidden loads the splash screen then hides the GUI, only
the tray icon is there and only by clicking on that will you get the GUI back.
BUT the icon can be hidden, once that's hidden you can run the server and only
the splash screen will appear (you can't turn that off in the unreg'd version
of FD, but u might be able to get a crack for it).

Ok simple, now upload ALL of the FD.exe files (and sub dirs) to the target
server, this is usually c:\winnt\system32\fd for me. Once all of the files
are up on the server make sure that nobody's using the computer at the time
or they might find the splash screen a little odd, and execute fd.exe
In about 10 to 20 seconds time you will have a fully working FTP and Telnet
server on your hacked box.

Enjoy :o)