> For the complete documentation index, see [llms.txt](https://blog.rootkid.in/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://blog.rootkid.in/exam-prep-notes/junior-penetration-tester-ejptv2-notes/assessment-methodologies/enumeration/ftp-enumeration.md). # FTP Enumeration **FTP (File Transfer Protocol)** is a standard network protocol used to transfer files between a client and a server over a TCP/IP network. It allows users to upload, download, and manage files on a remote server, often used for website maintenance, data sharing, and file storage. It has two modes: "*active*" and "*passive*," and it uses two ports: 21 for control (commands) and 20 for data transfer. FTP helps upload, download, and manage files on remote servers, like moving files to and from websites. ## FTP: Brute forcing attacks on FTP This command employs Hydra to perform a brute-force attack on an FTP service on the target using a list of usernames and passwords. ```bash hydra -L -P ftp ``` ## FTP: Nmap Enumeration Scripts You can also use `nmap` to perform brute-force attacks on FTP services. Below are a few common scripts for FTP enumeration: **`ftp-anon`**: Checks for anonymous FTP login. ```bash nmap --script ftp-anon -p 21 target-ip ``` **`ftp-brute`**: Performs a brute-force attack on FTP passwords. ```bash nmap --script ftp-brute -p 21 target-ip ``` **`ftp-bounce`**: Exploits FTP bounce attacks to port scan. ```bash nmap --script ftp-bounce -p 21 target-ip ``` **`ftp-vsftpd-backdoor`**: Checks for the presence of the VSFTPD backdoor vulnerability. {% code fullWidth="false" %} ```bash nmap --script ftp-vsftpd-backdoor -p 21 target-ip ``` {% endcode %} **`ftp-anon`**: Checks for anonymous FTP login. ```bash nmap --script ftp-anon -p 21 target-ip ``` **`ftp-syst`**: Retrieves system information from the FTP server. ```bash nmap --script ftp-syst -p 21 target-ip ``` *** *** *** **`Hacker's Mantra:`**`Passwords are like underwear. Don’t let people see it, change it very often, and you shouldn’t share it with strangers. - Chris Pirillo` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://blog.rootkid.in/exam-prep-notes/junior-penetration-tester-ejptv2-notes/assessment-methodologies/enumeration/ftp-enumeration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.