🐝
OSCP 2022 Materials
  • General
    • Whoami
    • Resources
    • Frequently Asked Questions
    • Shared Resource
  • Enumeration
    • Foreword
    • FTP
    • SMTP
    • DNS
    • Finger
    • HTTP/ HTTPS
      • Login Attacks
        • PHP Logins
      • XSS
      • LFI ( LFI -> RCE )
      • RFI ( RFI -> RCE )
      • CMS Exploitation
        • Wordpress
        • Magento
        • Bludit
        • Tomcat
        • Drupal
      • PHPMyAdmin
    • Kerberos
    • POP3
    • SMB
    • IMAP
    • SNMP
    • IRC
    • RSync
    • MSSQL
    • NFS
    • REDIS
    • Port Forwarding
  • Linux Post Exploitation
    • Post Exploit Checks
    • Pivoting ( ProxyChains )
  • Windows Post Exploitation
    • Post Exploit Checks
    • Active Directory ( Recon -> PE)
    • Notes
      • Powershell
      • Commands
  • Buffer Overflow
    • Hackthebox
    • TryHackMe
  • Mobile Pentesting
    • Android Pentesting
      • Lab TroubleShoot
      • Root Detection Bypass ( Manual )
      • Physical Device
  • MISC
    • Useful
    • Web
    • Linux
    • Application Specific
    • Programming Notes for Offensive Security
      • Python
    • Forensics
      • Disk Forensics
    • Inspection
    • Troubleshooting
      • Mouse Flickering
Powered by GitBook
On this page
  • Connecting
  • File Operations

Was this helpful?

  1. Enumeration

FTP

FTP (file transfer protocol) is used for downloading and uploading files from/to the server. In some cases, the FTP servers will be configured to host the webroot with write permissions which gets us the reverse shell by uploading malicious reverse shell contents

Connecting

ftp 10.10.10.10

# list the contents
ls

# change the directory
cd <dir>

# timeout due to passive mode ?
passive
ls

File Operations

# upload file to the ftp server
put dnoscp.php

# download a single file from the ftp server
get web.config

# download files recursively
prompt off
recurse on
mget *

# recursive download with wget
wget -r ftp://<username>:<password>@10.10.10.10/<dir>/*
PreviousForewordNextSMTP

Last updated 2 years ago

Was this helpful?