The Ultimate Guide to FTP Penetration Testing

Welcome. Today I am writing about FTP penetration testing to help new students understand how the protocol works and how they can test the security of their lab.

FTP Protocol

System administrators and developers use FTP to transfer files between their machine and a remote server; its main purpose is to transfer files between hosts.

Client vs Server

FTP Commands

FTP Penetration Testing

Enumerating FTP

nmap --script=ftp-anon,ftp-bounce,ftp-libopie,ftp-proftpd-backdoor,ftp-vsftpd-backdoor,ftp-vuln-cve2010-4221,tftp-enum -p 21 <ip>
nmap --script="ftp-*" -p 21 10.10.10.1
nc <IP> 21

Anonymous Login

FTP Bounce Attack

Brute Force FTP

Brute-forcing FTP servers is the most common attack on the Internet. It can be done using a simple tool that tests different combinations of usernames and passwords from wordlists against the FTP authentication system, but if the username or password isn't on those wordlists, we fail. It is therefore necessary to create a custom wordlist for each company based on all the data we collect during the recon phase.
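
On the lab server, the wordlist-driven guessing described above shows up as bursts of failed logins from one client. The following is an added example, not part of the original post: it flags such bursts in a log, assuming the server writes lines in the vsftpd.log layout shown. The sample log is constructed, and the threshold and window values are illustrative.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in vsftpd.log style (documentation IPs, invented users).
SAMPLE_LOG = """\
Mon Mar  4 10:00:01 2024 [pid 811] [admin] FAIL LOGIN: Client "203.0.113.7"
Mon Mar  4 10:00:03 2024 [pid 812] [root] FAIL LOGIN: Client "203.0.113.7"
Mon Mar  4 10:00:05 2024 [pid 813] [backup] FAIL LOGIN: Client "203.0.113.7"
Mon Mar  4 10:00:06 2024 [pid 814] [alice] FAIL LOGIN: Client "198.51.100.20"
Mon Mar  4 10:00:08 2024 [pid 815] [ftpuser] FAIL LOGIN: Client "203.0.113.7"
Mon Mar  4 10:00:09 2024 [pid 816] [ftpuser] FAIL LOGIN: Client "203.0.113.7"
Mon Mar  4 10:00:12 2024 [pid 817] [ftpuser] OK LOGIN: Client "203.0.113.7"
Mon Mar  4 10:05:40 2024 [pid 818] [alice] OK LOGIN: Client "198.51.100.20"
"""

# Assumed line layout: weekday, timestamp, [pid N], [user], OK|FAIL LOGIN, client IP.
LINE_RE = re.compile(
    r'^\w{3} (?P<ts>\w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]*)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"')

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: alert} for clients with >= threshold failures inside window."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    tried = defaultdict(set)     # ip -> every username that failed from this ip
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # connect/transfer lines and malformed input are ignored
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S %Y")
        ip, user = m["ip"], m["user"]
        if m["result"] == "FAIL":
            q = recent[ip]
            q.append(ts)
            tried[ip].add(user)
            while ts - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold and ip not in alerts:
                alerts[ip] = {"first_alert": ts, "users": tried[ip],
                              "success_after": None}
        elif ip in alerts and alerts[ip]["success_after"] is None:
            alerts[ip]["success_after"] = user  # guess succeeded: treat as compromise
    return alerts
```

A non-empty `success_after` is the case to escalate first, since it means a login succeeded from a client that had already tripped the failure threshold.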

Traffic Sniffing

tcpdump -i any port 21

FTP Exploits

• ProFTPD-1.3.3c Backdoor
• ProFTPD 1.3.5 Mod_Copy Command Execution
• VSFTPD v2.3.4 Backdoor Command Execution
