4 KiB
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
{% embed url="https://websec.nl/" %}
Basic Information
Trivial File Transfer Protocol (TFTP) is a straightforward protocol used on UDP port 69 that allows file transfers without needing authentication. Highlighted in RFC 1350, its simplicity means it lacks key security features, leading to limited use on the public Internet. However, TFTP is extensively utilized within large internal networks for distributing configuration files and ROM images to devices such as VoIP handsets, thanks to its efficiency in these specific scenarios.
TODO: Provide information about what is a Bittorrent-tracker (Shodan identifies this port with that name). If you have more info about this let us know for example in the HackTricks telegram group (or in a github issue in PEASS).
Default Port: 69/UDP
PORT STATE SERVICE REASON
69/udp open tftp script-set
Enumeration
TFTP doesn't provide directory listing so the script tftp-enum
from nmap
will try to brute-force default paths.
nmap -n -Pn -sU -p69 -sV --script tftp-enum <IP>
Download/Upload
You can use Metasploit or Python to check if you can download/upload files:
msf5> auxiliary/admin/tftp/tftp_transfer_util
import tftpy
client = tftpy.TftpClient(<ip>, <port>)
client.download("filename in server", "/tmp/filename", timeout=5)
client.upload("filename to upload", "/local/path/file", timeout=5)
Shodan
port:69
{% embed url="https://websec.nl/" %}
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.