TryHackMe: Enumerating FTP

March 12, 2021 less than 1 minute read

This is a write up for the Enumerating FTP task of the Network Services room on TryHackMe. Some tasks have been omitted as they do not require an answer.

How many ports are open on the target machine?

Run the following nmap command:

nmap -A -p- -v <ip>

In my tests the nmap scan only returns 1 open port, however the correct answer appears to be 2 in the TryHackMe lab.

Answer: 1 or 2

What port is ftp running on?

Answer: 21

What variant of FTP is running on it?

Answer: vsftpd

What is the name of the file in the anonymous FTP directory?

Attempt to connect to the FTP server by entering the following command and entering a username of ‘anonymous’.

ftp <ip>

List out the files on the server with ls

Answer: PUBLIC_NOTICE.txt

What do we think a possible username could be?

Download the PUBLIC_NOTICE.txt file.

get PUBLIC_NOTICE.txt

Exit the FTP session and print out the contents of PUBLIC_NOTICE.txt.

Answer: mike

Recap

In this task we learnt how to:

Read nmap results
Connect to an anonymous session on an FTP server

Andrew Dickinson