FTP (21)

File Transfer Protocol.

Protocol Information

FTP is a network protocol used to transfer files between a client and a server on a network. It allows files to be uploaded, downloaded and managed remotely, facilitating the transfer of data between connected devices.

Port

21 TCP	FTP
20 TCP	FTP-data

Config File

• /etc/vsftpd.conf

Interact

If anonymous access is enabled, it's possible log in with username “Anonymous” and password “”.

ftp <IP> <PORT>

Attacks

FTP Bounce

An FTP bounce attack is a network attack that uses an FTP server to send outbound traffic to another device on the network. Suppose we targeted an FTP server FTP_DMZ exposed to the Internet. Another device within the same network, Internal_DMZ, is not exposed to the Internet. We can use the connection to the FTP_DMZ server to scan Internal_DMZ via the FTP Bounce attack and obtain information about the server's open ports.

nmap -Pn -v -n -p80 -b Anonymous:@10.10.110.213 172.17.0.2
# Scan internal host 172.17.0.2 via FTP of host 10.10.110.213

Backdoor in vsFTPd 2.3.4