FTP - 21

Files Transfer Protocol

Client-Server protocol
Clear text protocol
Use of credentials or Anonymous FTP.

Check if the FTP server allows Anonymous Login

Credentials: anonymous:anonymous

Commands

Commands Description

Commands	Description
`ls`	Directory listing
`ls -R`	Recursive directory listing
`put`	Upload a file from local system to the FTP server
`get`	Download a file from the remote server to the local system

ls

Directory listing

ls -R

Recursive directory listing

put

Upload a file from local system to the FTP server

get

Download a file from the remote server to the local system

Active vs Passive mode

Active mode: The client tells the FTP server what port initiating the data communication to.

Passive mode: The client will initiate the data communication to a port specified by the FTP server. Since the client initiates the data communication, it can circumvent firewall restrictions.

Trivial File Transfer Protocol

Does not require user authentication
Simpler than FTP
Works over UDP

Interaction with a FTP server with SSL/TLS encryption

 openssl s_client -connect 10.129.14.136:21 -starttls ftp

Uploading a file to the FTP server

ftp>passive
ftp>binary
ftp>put mondocument.txt

Download all files from a FTP server

wget -m --no-passive ftp://anonymous:anonymous@192.168.218.127

Enumerate Nmap scripts - FTP

Will enumerate all Nmap scripts related to FTP

find / -type f -name ftp* 2>/dev/null | grep scripts

Others element to check for

Can you login with default or admin credentials?
Does the FTP server allows anonymous authentication?
Can you identify any exploit for the FTP server based upon the version/banner grabbing?
Is the FTP server is the document root of the web application?
Can you transfer files on the FTP share ? (upload/download)

PreviousIdent - 113 NextMySQL

Last updated 1 year ago