{"id":2048,"date":"2021-01-09T11:01:39","date_gmt":"2021-01-09T10:01:39","guid":{"rendered":"https:\/\/andreas-klingler.de\/infosec\/?p=2048"},"modified":"2021-04-24T15:35:02","modified_gmt":"2021-04-24T13:35:02","slug":"checklist-21-ftp","status":"publish","type":"post","link":"https:\/\/infosec.andreas-klingler.de\/?p=2048","title":{"rendered":"21 <span class=\"caps\">FTP<\/span>"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Enumeration<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Mandatory<\/h3>\n\n\n\n<ol class=\"wp-block-list\"><li>Check anony\u00admous&nbsp;login<\/li><li>Try to cre\u00adate <span class=\"caps\">AND<\/span> upload a&nbsp;file:<ul><li><code>mkdir test<\/code><\/li><li><code>put \/tmp\/test test<\/code><\/li><\/ul><\/li><li>Check login with at least the fol\u00adlow\u00ading credentials:<ul><li>admin \/&nbsp;admin<\/li><li>admin \/ password<\/li><\/ul><\/li><\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Optional<\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li>Down\u00adload every\u00adthing with wget and look for .dot&nbsp;files!<\/li><li>Check login with new\u00adly found&nbsp;users<\/li><li>Brute-force login<ul><li>Make sure to check admin \/ admin and oth\u00ader usu\u00adal com\u00adbi\u00adna\u00adtions and DON\u2019T relay on a pass\u00adword list like best110.txt only!<\/li><\/ul><\/li><li>Down\u00adload the whole content<\/li><li>Check for <span class=\"caps\">FTP<\/span> serv\u00ader exploits<\/li><li>Try<ul><li><code>..\/<\/code><\/li><li><code>cd \/<\/code><\/li><li><code>cd C:\\<\/code><\/li><li><code>cd C:\\\\<\/code><\/li><li><code>get $file_which_should_be_on_the_os<\/code><\/li><\/ul><\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Tools<\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/github.com\/lanjelot\/patator\">Pata\u00adtor<\/a> (brute force)<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Enu\u00admer\u00ada\u00adtion Manda\u00adto\u00adry Check anony\u00admous&nbsp;login Try to cre\u00adate <span class=\"caps\">AND<\/span> upload a&nbsp;file:&nbsp; mkdir test put \/tmp\/test test Check login with at least the fol\u00adlow\u00ading cre\u00adden\u00adtials:&nbsp; admin \/&nbsp;admin admin \/ pass\u00adword Option\u00adal Down\u00adload every\u00adthing with wget and look for .dot&nbsp;files! Check login with new\u00adly found&nbsp;users Brute-force login Make sure to check admin \/ admin and oth\u00ader usu\u00adal combinations&nbsp;[\u2026]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[36],"tags":[37,50,28],"class_list":["post-2048","post","type-post","status-publish","format-standard","hentry","category-port","tag-checklist","tag-enumeration","tag-ftp"],"_links":{"self":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/2048","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2048"}],"version-history":[{"count":10,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/2048\/revisions"}],"predecessor-version":[{"id":2978,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/2048\/revisions\/2978"}],"wp:attachment":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2048"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2048"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2048"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}