Important notes

  • Target IP -> 10.129.116.159

This is a starting point machine, so it’s pretty simple.

Task 1 - What does the 3-letter acronym FTP stand for?

Answer: File Transfer Protocol

Task 2 - Which port does the FTP service listen on usually?

Answer: 21

Task 3 - FTP sends data in the clear, without any encryption. What acronym is used for a later protocol designed to provide similar functionality to FTP but securely, as an extension of the SSH protocol?

Answer: SFTP

Task 4 - What is the command we can use to send an ICMP echo request to test our connection to the target?

Answer: ping

Task 5 - From your scans, what version is FTP running on the target?

With a nmap -p21 <ip> -sV -sC we can check the version of the FTP and tell nmap to use a script to check if anonymous login works.

Imagem

Answer: vsftpd 3.0.3

Task 6 - From your scans, what OS type is running on the target?

Answer: Unix

Task 7 - What is the command we need to run in order to display the ‘ftp’ client help menu?

Answer: ftp -?

Task 8 - What is username that is used over FTP when you want to log in without having an account?

Answer: Anonymous

Task 9 - What is the response code we get for the FTP message ‘Login successful’?

Answer: 230

Task 10 - There are a couple of commands we can use to list the files and directories available on the FTP server. One is dir. What is the other that is a common way to list files on a Linux system.

Answer: ls

Answer 11 - What is the command used to download the file we found on the FTP server?

Answer: get

Log into the FTP with ftp anonymous@<ip> and get the flag with get flag.txt.

Imagem

Now it will be downloaded to our system. Let’s see it.

Imagem