{"id":131,"date":"2023-06-10T20:21:11","date_gmt":"2023-06-10T20:21:11","guid":{"rendered":"https:\/\/justatrainingblog.co.uk\/?p=131"},"modified":"2023-06-10T20:22:38","modified_gmt":"2023-06-10T20:22:38","slug":"thm-exploiting-ftp","status":"publish","type":"post","link":"https:\/\/justatrainingblog.co.uk\/?p=131","title":{"rendered":"THM – Exploiting FTP"},"content":{"rendered":"\n

As part of learning about Telnet in TryHackMe we practiced some methods in which FTP can be exploited. I have detailed one of the methods taken to do so here and how it was done. <\/p>\n\n\n\n

Scanning Phase<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

To start with we ran a Nmap scan to see what open ports we had. –min-rate is used to speed up the attempt and -p- is used to find all open ports. <\/p>\n\n\n\n

<\/p>\n\n\n\n

Exploiting Anonymous Login <\/span><\/p>\n\n\n\n

We have checked for an anonymous login account and managed to sign in using the details:<\/p>\n\n\n\n

Username: Anonymous<\/p>\n\n\n\n

Password: <\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Finding Details<\/span><\/p>\n\n\n\n

So after running ls we can see a text file named PUBLIC_NOTICE.txt. Lets take a look. <\/p>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n

Okay so not a lot of information but we can see that ‘Mike’ set this public notice making it a possible username. <\/p>\n\n\n\n

<\/p>\n\n\n\n

Enumerating the password<\/span><\/p>\n\n\n\n

Time to switch gears. This time we’ll use Hydra to attempt to brute-force the password. <\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Success! We have a password of, well ‘password’. We can now sign in using the FTP login details. <\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Obviously this is a simplistic and basic example of how poor misconfiguration can leave a system vulnerable, however this is something still worth knowing and practicing and really highlights the dangers of both using an insecure protoclol and the danger of poor security practices!<\/p>\n","protected":false},"excerpt":{"rendered":"

As part of learning about Telnet in TryHackMe we practiced some methods in which FTP can be exploited. I have…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[2,3],"tags":[],"class_list":["post-131","post","type-post","status-publish","format-standard","hentry","category-learning","category-tryhackme"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/131","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=131"}],"version-history":[{"count":1,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/131\/revisions"}],"predecessor-version":[{"id":140,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/131\/revisions\/140"}],"wp:attachment":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=131"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=131"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}