FTP (File Transfer Protocol) #
At a Glance #
Default Port: 21
FTP is a standard network protocol used for the transfer of files between a client and a server on a computer network. FTP is built on a client-server architecture using separate control and data connections between the client and the server. FTP authenticates users with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. 1
Banner Grabbing #
Telnet #
telnet 10.0.0.3 21
Netcat #
nc -n 10.0.0.3 21
banner NSE Script #
nmap -sV -script banner -p21 -Pn 10.0.0.3
FTP #
ftp 10.0.0.3
FTP Exploits Search #
Refer to Exploits Search
Anonymous Login #
Note:
During the port scanning phase Nmap’s script scan (-sC), can be enabled to check for FTP Bounce and Anonymous Login.
Try anonymous login using anonymous:anonymous credentials.
ftp 10.0.0.3
…
Name (10.0.0.3:kali): anonymous
331 Please specify the password.
Password: [anonymous]
230 Login successful.
List all files in order.
ftp> ls -lat
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
…
226 Directory send OK.
FTP Browser Client #
Note: Due to its insecure nature, FTP support is being dropped by Firefox and Google Chrome.
Try accessing ftp://user:pass@10.0.0.3 from your browser.
If not credentials provided anonymous:anonymous is assumed.
Brute Forcing #
Refer to FTP Brute Forcing
Note: SecLists includes a handy list of FTP default credentials.
Configuration files #
Examine configuration files.2
ftpusers
ftp.conf
proftpd.conf
Miscellaneous #
Binary and ASCII #
Binary and ASCII files have to be uploading using the binary or ascii mode respectively, otherwise, the file will become corrupted. Use the corresponding command to switch between modes.3
Recursively Download #
Recursively download FTP folder content.4
wget -m ftp://user:pass@10.0.0.3/
Contributors to Wikimedia projects. “File Transfer Protocol - Wikipedia.” Wikipedia, the Free Encyclopedia, Wikimedia Foundation, Inc., 24 May 2002, https://en.wikipedia.org/wiki/File_Transfer_Protocol. ↩︎
“Penetration Testing Methodology” 0DAYsecurity.Com, http://www.0daysecurity.com/penetration-testing/enumeration.html. ↩︎
“RFC959: FTP: Data Transfer Functions.” World Wide Web Consortium (W3C), https://www.w3.org/Protocols/rfc959/3_DataTransfer.html. ↩︎
Thibaut Barrère. “Command Line - How to Recursively Download a Folder via FTP on Linux - Stack Overflow.” Stack Overflow, https://stackoverflow.com/a/113900/578050. ↩︎