TCP: FTP - 21

NOTE: Enter the following for file transfer mode in FTP console

  • passive

  • binary

Connection

Anonymous Login

Username
Password

ftp

ftp

anonymous

anonymous

ftp <Username>@<Target IP Address> [Port]

Bruteforce Login

Using Username List and Password List

hydra -L <Username Lists> -P <Password Lists> -f ftp://<Target IP Address> [-p <Port>]

Using Username and Password

hydra -l <Username> -p <Password> -f ftp://<Target IP Address> [-p <Port>]

Using Username:Password list

hydra -C <Username:Password List> -f ftp://<Target IP Address> [-p <Port>]

Enumeration

Nmap

nmap --script "ftp-anon" -p <Port> <Target IP Address>
nc -nv <Target IP Address> <Port>
nc -sV <Target IP Address> <Port>

File Maneuver

Downloading Shares

wget -m ftp://<Username>:<Password>@<Target IP Address>
wget -m --no-passive ftp://:@<Target IP Address>

NOTE: The above command is to download shares if there is no firewall between you and FTP server

Grab Cert

openssl s_client -starttls ftp -connect <Target IP Address>:<Port>

Exploit

NOTE:

  • Accessing the payload via HTTP would trigger the payload

  • Recommend .asp or .aspx for Mircosoft servers

put <Payload File>
PreviousTCP: SMB - 139 / 445NextTCP/UDP: DNS - 53

Last updated