File Transfer Protocol (FTP)

Default port: 21

Enumeration

sudo nmap -sC -sV -p 21 <TARGET-IP>

Anonymous Authentication

ftp <TARGET-IP>

Connected to <TARGET-IP>.
220 (vsFTPd 2.3.4)
Name (<TARGET-IP>:kali): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.

Brute Forcing

medusa -u <USER> -P /usr/share/wordlists/rockyou.txt -h <TARGET-IP> -M ftp

FTP Bounce Attack

Use FTP servers to deliver outbound traffic to another device on the network.

nmap -Pn -v -n -p80 -b anonymous:password@<SERVER-IP> <ANOTHER-DEVICE-IP-ON-THE-NETWORK>