FTP

FTP (file transfer protocol) is used for downloading and uploading files from/to the server. In some cases, the FTP servers will be configured to host the webroot with write permissions which gets us the reverse shell by uploading malicious reverse shell contents

Connecting

ftp 10.10.10.10
​
# list the contents
ls
​
# change the directory
cd <dir>
​
# timeout due to passive mode ?
passive
ls

File Operations

# upload file to the ftp server
put dnoscp.php
​
# download a single file from the ftp server
get web.config
​
# download files recursively
prompt off
recurse on
mget *
​
# recursive download with wget
wget -r ftp://<username>:<password>@10.10.10.10/<dir>/*