FTP (21)

File Transfer Protocol.

Protocol Information

FTP is a network protocol used to transfer files between a client and a server on a network. It allows files to be uploaded, downloaded and managed remotely, facilitating the transfer of data between connected devices.

Port

21 TCP

FTP

20 TCP

FTP-data

Config File

/etc/vsftpd.conf

FTP root

/var/ftp

Interact

If anonymous access is enabled, it's possible log in with username “Anonymous” and password “”.

ftp <IP> <PORT>
> [passive] [binary]
> mget *

wget -m ftp://<USER>:<PASSWORD>@<IP>:<PORT>

Attacks

FTP Bounce

An FTP bounce attack is a network attack that uses an FTP server to send outbound traffic to another device on the network. Suppose we targeted an FTP server FTP_DMZ exposed to the Internet. Another device within the same network, Internal_DMZ, is not exposed to the Internet. We can use the connection to the FTP_DMZ server to scan Internal_DMZ via the FTP Bounce attack and obtain information about the server's open ports.

nmap -Pn -v -n -p80 -b Anonymous:@10.10.110.213 172.17.0.2
# Scan internal host 172.17.0.2 via FTP of host 10.10.110.213

Backdoor in vsFTPd 2.3.4

Last updated 15 days ago

hashtagPort

hashtagConfig File

hashtagFTP root

hashtagInteract

hashtagAttacks

hashtagFTP Bounce

hashtagBackdoor in vsFTPd 2.3.4arrow-up-right