how to get out of the ftp root directory

[Tedob1]

what server and version? i suppose you've tried the obvious double dot (never can tell).

[orion9]

I havent paid for it directly it came with the membership, they set up wargames for us to hack(we meaning members).It was filled with problems initially,they had the setup wrong and its been there for a long timeso theres not much action in that paticular thread.

I know thses things about my objective
It migh be a binary because it has no extension (./ filename) makes the client(my pc) stop responding.
I dont have any idea on how to open a ssh connection from a windows pc to a linux server
The file that i downloaded dosent have a extension so windows dosent have any program for Opening it in notepad is of no use nor any c compilers/debuggers.
Its not a virus/malicious software for sure
I feel that the community here is a lot more open to basic questions
I am stuck in this problem for the last 2 days ( that takes a lot of googling time )

[Tedob1]

orion9: the more you post the more confusing this all gets. we're into page two now and i still have no idea what your talking about. if your trying to obscure information your doing too well.

what does ssh have to do with telnet?

putty is a windows ssh client which is ALSO a telnet client as well as an scp and sftp client...what the f are you trying to do?

unix doesn't need to use file extentions so it could be anything,

when you open 'FILENAME' in notepad what do you see? even bin files have strings in them and now that you have 'FILENAME' what are you supposed to do with it?...why did you download it?

if you want to 'hack' this bitch we're going to need some info to help you.

[spamdies]

There are a lot of ssh clients for windows, I like puTTY. If you managed to download the file and open it in notpad at least you can tell if its a script or not. if its not a script ./file will not do anything other than error out.

[Tedob1]

Originally posted here by spamdies
There are a lot of ssh clients for windows, I like puTTY. If you managed to download the file and open it in notpad at least you can tell if its a script or not. if its not a script ./file will not do anything other than error out.

if he finds martian speak when its opened in notepad then we'll know he needs to load a live cd if the object is to run it. if we knew what in hell he was trying to do we might be able help him. but the way it is now..."is it bigger than a bread box?" ...this could go on forever.

[orion9]

i am trying to get to the next level
It is an empty file (0 mb size), when i open it using ./ .filename command my telnet client hangs nor does any thing appear when i open it in notepad ( the file name begins with a dot )
my objective is to get to another folder in var outside the ftp root folder
This wargames server is relatively old so there has been not much info at the concerned thread
I am trying to answer all questions in one thread
Some one suggested i use a ssh client so i asked for one

[Tedob1]

./ means the directory your now in while .filename means its a hidden file. the using of ./ is only necessary if you want to run a script or binary in the same directory your in. you've put a space between the current directory "./" and the file name ".filename" which will only get you an error. more is not an ftp command to begin with. maybe the telnet client your using can't get the error msg from this machine.

in certain unpatched older versions of ftp servers it is possible to "double-dot" out. "cd ../logs" or just "cd ..". the two dots signifing up one level, then into the logs directory. it may be this simple. some ftp servers allow you to execute files. type help to see if the 'site exec' command is listed and see if you can "SITE exec /bin/sh <whatever>".

what does the banner tell you when you log into the ftp server? it should give you version info. do a google search for "&lt;that version&gt; exploit" or "&lt;that version&gt; vulnerability" and see what you turn up. if the banner is turned off use amap to find out whats running.

it's a war game it's gotta be exploitable.