PORT 21/tcp - FTP
Introduction¶
FTP (File Transfer Protocol) is used to communicate and transfer files between computers on a TCP/IP (Transmission Control Protocol/Internet Protocol) network, aka the internet. Users, who have been granted access, can receive and transfer files in the File Transfer Protocol server (also known as FTP host/site).
Anonymous User¶
In some devices anonymous user is enabled. It's important to give it a try.
Bruteforcing Credentials¶
To bruteforce the login in order to find valid credentials we can use different tools:
-
Ncrack
-
Medusa
-
Hydra
-
Patator
FileZilla Server (From LFI)¶
FileZilla Server credentials¶
FileZilla Server credentials are stored on the FileZilla Server.xml file stored in one of the following routes:
C:\Program Files (x86)\FileZilla Server\FileZilla Server.xml
C:\Program Files\FileZilla Server\FileZilla Server.xml
C:\xampp\FileZillaFTP\FileZilla Server.xml
Some times we can found it on plain text (base64) and sometimes encrypted. To decrypt we can use the following tool:
Note: You need to modify password and salt variables of the python script and unescape the salt.
& = &
< = <
' = '
" = "
> = >
# Example
Escaped: `!U3`CQ;a&3IzbXc/4Wpb\)OZ3TsXP;'Wx#^K"Tu_XX.K'o<'c&A:vItTX-M|Z0Y
Unescaped: `!U3`CQ;a&3IzbXc/4Wpb\)OZ3TsXP;'Wx#^K"Tu_XX.K'o<'c&A:vItTX-M|Z0Y
FileZilla client credentials¶
FileZilla client save last saved credentials on the following link.