Introduction¶
FTP (File Transfer Protocol) is a network protocol used to transfer files between a client and a server over a TCP network. It supports file uploads, downloads, and directory management, using separate control and data channels for commands and file data. FTP can allow anonymous or authenticated access with a username and password.
Downloading Files¶
Overview of commands for downloading files from an FTP server using various tools.
Command | Description |
---|---|
wget -r ftp://[USERNAME]:@[TARGET-IP] |
downloads all files from the FTP server, useful for complete directory downloads. |
wget -m --no-passive ftp://[USERNAME]:[PASSWORD]@[TARGET-IP] |
Mirrors the entire FTP site, downloading all available files and directories, preserving the server structure. |
ftp [TARGET-IP] then binary and get [FILE-NAME] |
Connects to an FTP server, switches to binary mode for data integrity, and downloads a specified file. |
curl -O ftp://[USERNAME]:[PASSWORD]@[TARGET-IP]/PATH/TO/FILE_OR_DIR |
Downloads a specific file or directory from the FTP server, using curl for precise retrieval. |
Tips & Tricks
Check if anonymous:anonymous
FTP is enabled.
Transferring Files¶
Commands for setting up an FTP server and uploading files.
Command | Description |
---|---|
python3 -m pyftpdlib -p 21 |
Starts an FTP server on port 21 using Python pyftpdlib, convenient for quick setups on local networks. |
ftp [TARGET-IP] then binary and put [FILE-TO-UPLOAD] |
Connects to an FTP server and uploads a file after switching to binary mode to preserve file integrity. |
Brute-Forcing FTP Credentials¶
Scenario | Command |
---|---|
Unknown User | hydra -L user.txt -p "Password" -f [TARGET-IP] ftp |
Unknown Password | hydra -l user -P /opt/rockyou.txt -f [TARGET-IP] ftp |
Unknown User and Password | hydra -L user.txt -P /opt/rockyou.txt -f [TARGET-IP] ftp |
Different Port | hydra -l user -P /opt/rockyou.txt -f [TARGET-IP] ftp -s 9999 |
Nmap Nse Scripts¶
Nmap NSE scripts specifically designed for FTP to discover vulnerabilities or gather information.
Command | Description |
---|---|
ls /usr/share/nmap/scripts/ \| grep "ftp" |
Lists available Nmap scripts that are specifically related to FTP, aiding in targeted vulnerability scanning. |
nmap -p 21 --script ftp* [TARGET-IP] |
Executes FTP-related Nmap scripts against a target IP on port 21 for comprehensive vulnerability scanning and information gathering. |