Note that FTP doesn’t show hidden files! Try in Windows e.g “cd ProgramData”.
Enumeration
With nmap. Scans a network for ftp servers which allow anonymous access.
nmap -v -p21 --script=ftp-anon.nse 10.11.1.1-254
FTP relays
The FTP specification defines FTP relays. One FTP server can say to another FTP server to send files to another third-party server. See the nmap manpage for more details. Today it is mostly not possible to use, but some old systems still have this feature.
See also FTP bounce attack to scan another system via a FTP server as proxy. (Source)
Mirror FTP system
With wget
wget -m --no-passive ftp://anonymous:anonymous@$target
With lftp
lftp -u anonymous,dfsdf -e "mirror --parallel=2 --verbose / ." $target
FileZilla
If port 14147 is exposed, tunnel it to localhost, then execute FileZill Server Interface.exe from the correct version and connect to localhost.
Binary and ascii mode
- Binary mode doesn’t change the file
- ASCII mode:
- Removes ^M when a file is transferred from a Windows host to a *nix host.
- Adds ^M when a file is transferred from a *nix host to a Windows host.
Leave a Reply
You must be logged in to post a comment.