Ctrlk

FTP

The most danger is when the anonymous login is allowed.

If anonymous login is allowed we can check the ftp-directories without any credentials

ftp 10.10.10.100

Name [target.htb:cub3]: anonymous
331 Anonymous access allowed...
Password: <Enter>
230 User logged in.
ftp>

We should check if we can add any file to the share and if it is reachable through the web.

Last updated 1 year ago

Anonymous Login