Merge pull request #166 from CoolHandSquid/HAC-ftp

HAC ftp
2024-11-15 09:27:32 +00:00 · 2021-08-14 11:08:27 +02:00 · 2021-08-14 11:08:27 +02:00 · 9a68f11794
commit 9a68f11794
parent eacb3376c0 b846a501e4
1 changed files with 40 additions and 0 deletions
--- a/pentesting/pentesting-ftp/README.md
+++ b/pentesting/pentesting-ftp/README.md
@ -184,3 +184,43 @@ ftp.conf
 proftpd.conf
 ```

+## HackTricks Automatic Commands
+
+```
+Protocol_Name: FTP    #Protocol Abbreviation if there is one.
+Port_Number:  21     #Comma separated if there is more than one.
+Protocol_Description: File Transfer Protocol          #Protocol Abbreviation Spelled out
+
+Name: Notes
+Description: Notes for FTP
+Note: """
+Anonymous Login
+-bi     <<< so that your put is done via binary
+
+wget --mirror 'ftp://ftp_user:UTDRSCH53c"$6hys@10.10.10.59'
+^^to download all dirs and files
+
+wget --no-passive-ftp --mirror 'ftp://anonymous:anonymous@10.10.10.98' 
+if PASV transfer is disabled
+
+https://book.hacktricks.xyz/pentesting/pentesting-ftp
+"""
+
+Name: Banner Grab
+Description: Grab FTP Banner via telnet
+Command: """telnet -vn {IP} 21"""
+
+Name: Cert Grab
+Description: Grab FTP Certificate if existing
+Command: """openssl s_client -connect {IP}:21 -starttls ftp"""
+
+Name: nmap ftp
+Description: Anon login and bounce FTP checks are performed
+Command: """nmap --script ftp-* -p 21 {IP}"""
+
+Name: Browser Connection
+Description: Connect with Browser
+Note: """
+ftp://anonymous:anonymous@{IP}
+"""
+```