Mad World #Save_GAZA: Free Palestine  

Search

Exploitation of CFT

  • Share this:
Exploitation of CFT

What tis CFT ?

CFT (Cross File Transfer) (Axway Transfer CFT) is a secure computer file transfer program and protocol developed by Axway Inc. It is widely used in Europe's finance and banking industries, with firms such as AG2R La Mondiale and Swiss Post using it.

CFT was designed for mainframe systems that used the French X.25-based Transpac network, although it was eventually converted to use

Purpose

CFT is a machine-to-machine file transfer protocol that includes a remote control feature for resuming halted transfers. CFT may also start remote processes, rename files according to a protocol (PeSIT, ODETTE (OFTPv1), ETEBAC 3, EBICS), apply security constraints, and convert encodings (ASCII to EBCDIC for example).

Partenaire

In the context of CFT, a partner equates to a remote host with which CFT will exchange files or communications. To communicate with a partner in the interest of security, it must be configured in the partner's file. This partner could be a file sender or a file receiver. It is necessary to define the following for each partner: the protocol used, the type of operating system, the partner's code, the password, the list of authorized IDFs, and the IP address.

Catalogue

The catalogue is a view that shows all of the details of the transfers that have been made on the selected CFT monitor (commande cftcatab).

  • Now we'll move on to the practical section to learn about and investigate the commands used by cft.

The CFT version

#cftutil about
CFT informations :
     * product = CFT/V2/ULINUX Kernel 2.4 glibc 2.3
     * version = 2.4.1
     * level   = m-3-4
     * upgrade = SP1

   Host informations :
     * model   = x86_64
     * cpuid   = ????????????????

   XIP informations :
     * xip-product           = XFB Monitor CFT
     * xip-version           = 2.4.1_SP1
     * xip-applied-patches   = 1 2
     * xip-forbidden-patches =

CFTU00I ABOUT    _ Correct ()
#cftversion
Information about CFT Version 2.5.1 20070614

   CFT informations :
     * product = CFT/V2/ULINUX Kernel 2.4 glibc 2.3
     * version = 2.5.1
     * level   = p-5-2
     * upgrade =

   Host informations :
     * model   = i686
     * cpuid   = ????????????????

   Synchrony informations :
     * product           = Synchrony Transfer CFT
     * version           = 2.5.1
     * applied-patches   =
     * forbidden-patches =

Start/Stop CFT

#> su - cft
#> cftstop
#> cftstart

Charge/Recharge the CFT configuration

../runtime/conf/cft-tcp.conf is the configuration file.
Connect to the CFT user account and enter the following commands:

#> su - cft
#> cftstop
#> cftinit
#> cftupdate
#> cftstart

a few of CFT commands
Some examples of subcommands that can be passed to the cftutil command:

* about: Information about the server 
* end: Indicates that a transfer has completed 
* halt: Terminates a transfer currently in progress or in the catalog 
* listcat: List the catalog 
* listpart: List the partners 
* recv: Defines when a file is received 
* send: Defines when a file is sent 
* shut: Defines when a file is sent 
* submit: Defines when a file is sent 
* switch: Manually switching log files
* start: Allows you to resume or resume a transfer 
* delete: Deletes the catalog

Completely purge the catalog

CFTUTIL DELETE IDT=* ,PART=*

Allows you to stop a transfer in progress or in the queue

cftutil halt part=FTEST107, idf=IDF, idt=Mxx*

Check if CFT responds

cftping -v
cft is alive

Transfer states

List sent/received files with their status

cft@testcft:~$ cftcatab

  Date = 12/02/2009   Time = 09:20:51

  Partner  DTSA File     Transfer         Records       Diags        Appli.
                Id.      Id.       Transmit     Total   CFT Protocol Id.
  -------- ---- -------- -------- ---------- ---------- --- -------- --------
  FTEST106 SFT  TEST2    B0609300         19         19   0 CP 85%
  FTEST106 RFH  TOTO2    B0609304          0          0 600 ABO 213
  FTEST106 SFT  TEST2    B0610000         19         19   0 CP 85%
...

Exemples :
SFT (T) code indicates that the file or message was successfully sent.
RFH (H) informs us that a transfer sent by a partner was not received.

Code returned

For further details on the meaning of each code returned, please visit the official cft website Axway.

Add new CFT partner

  • You must locate the file ../runtime/conf/cft-tcp.conf in order to add a new partner.
...
/*********************************/
/* CFTPART - Partner Definition  */
/*********************************/
...
/* PART TEST SUR 107 */
cftpart id       = FTEST107,
        prot     = PeSITANY,
        sap      = 1761,
        nspart   = FTEST106,
        nrpart   = FTEST107,
        comment  = ,
        syst     = unix,
        mode     = replace

cfttcp  id       = FTEST107,
        cnxin    = 3,
        cnxout   = 3,
        cnxinout = 3,
        host     = 'x.x.x.x',
        mode     = replace
...
  • Adding a file to transfer
...
/*************************************************************************/
/* FILE TRANSFERS CONFIGURATION                                          */
/*                                                                       */
/* You can use different definition for send parameters :                */
/* For example, to send an ASCII text file , without accented characters */
/* ftype  = T,                                                           */
/* fcode  = ascii,                                                       */
/*                                                                       */
/* or to send an 8-bit ASCII 'PC text' type file                         */
/* (containing accented characters)                                      */
/* ftype  = O,                                                           */
/* fcode  = ascii,                                                       */
/*                                                                       */
/* or to send a binary file                                              */
/* ftype  = B,                                                           */
/* fcode  = binary                                                       */
/*************************************************************************/
...

cftsend id       = TEST2,
        parm     = txt,
        ftype    = T,
        fcode    = ASCII,
        frecfm   = V,
        flrecl   = 1700,
        fname    = '$CFTDIRPUB/issued/test.txt',
        mode     = replace
...
  • After that, place your file where you already indicated it and re-enable the CFT configuration.
#> cftstop
#> cftinit
#> cftupdate
#> cftstart

Sending a message

CFTUTIL send part=FTEST1, type=message,idm=testecri, msg=test
CFTUTIL send part=FTEST2, type=message,idm=testecri, msg=test

Sending a file

CFTUTIL send part=FTEST1,idf=IGPROD
CFTUTIL send part=FTEST2,idf=IGPROD

Show logs

cft@testcft:~$ cftlog
09/02/12 09:00:03  CFTT57I Requester transfer started   <IDTU=A000009J PART=FTEST106 IDF=TEST2 IDT=B1209000 >
09/02/12 09:00:03  CFTT58I Requester transfer ended     <IDTU=A000009J PART=FTEST106 IDF=TEST2 IDT=B1209000>
09/02/12 09:00:03  CFTT88I+<IDTU=A000009J FNAME=$CFTDIRPUB/issued/test.txt NBC=624>
  • For a specific partner:
CFTUTIL LISTCAT PART=FTEST, CONTENT=FULL, DIRECT=SEND

Diagnostic

As we said before Part = In the context of CFT, a partner equates to a remote host with which CFT will exchange files or communications.

  • The "DTSA" column shows the status of transfers:
  • Direction = S/R (Send/Receive)
  • Type = F/M/R (File/Message/Reply)
  • State = D/C/H/K/T/X
D: Awaiting Transfers File

C: File in the middle of a transfer

H: File not received (H for HOLD), the file has not been made available.

K: File not sent (K for KEEP), the partner did not initiate the broadcast.

T: File containing a problem with the execution of a final transfer procedure or a file containing no final transfer procedure.

X: Completed transfer and completed end-of-transfer procedure (X for eXecute)

A: Acknowledge (acr)
  • Example :
"'SFT"' ("T"') indicates that the file or message transmission was successful.
"'RFH"' ("H"') indicates that a transfer sent by a partner has not been received.
  • To check the status of a transfer on a server, log in with the account cft and run the following command:
listcat cftutil

It is possible to add arguments to this command in order to fine-tune the search.
Looking for the sends of a specific partner, do the following:

part=cftutil listcat [Name of the part]
  • Finding a send of the the partner on a specific date:
cftutil listcat part=[Name of the part], idt=F2254657
  • Identifying the name of a file associated with a flow:
cftutil listcat part=[Name of the part], idt= F2254657, content=full 
  • COMPLETE ANALYSIS WITH DEBUG
listcat idt=[transfer Id], content=debug 

Example:

cftutil listcat idt=[transfert Id], content=debug | grep FDATE
File date                      FDATE      = 14/02/2022
cftutil listcat idt=[ transfert Id], content=debug | grep FTIME
File time                      FTIME      = 12:50:49.76

Source : https://wiki.tuxunix.com/index.php/Doc_CFT

If you like this post, please consider donating so that we can continue to maintain our site.?

 Yassine

Yassine

Yassine founded IGProd to educate the visitors with technological tutorials. These helpful guides are available for all sorts of professionals and novices, whether they work in technology or not!

Surf freely 💗

Leave a comment

Your email address will not be published. Required fields are marked *