2, [Hackthebox] (Room: FAWN - Very Easy)

Cái này dễ thiệt...

Task 1

What does the 3-letter acronym FTP stand for?

\=> File Transfer Protocol

Task 2

Which port does the FTP service listen on usually?

\=> 21

Task 3

FTP sends data in the clear, without any encryption. What acronym is used for a later protocol designed to provide similar functionality to FTP but securely, as an extension of the SSH protocol?

(FTP gửi dữ liệu rõ ràng, không mã hóa. Thuật ngữ viết tắt nào được sử dụng cho giao thức ra đời sau đó, được thiết kế để cung cấp chức năng tương tự như FTP nhưng bảo mật hơn, được coi là một phần mở rộng của FTP?)

\=> SFTP (S means Secure)

Task 4

What is the command we can use to send an ICMP echo request to test our connection to the target?

\=> ping

Task 5

From your scans, what version is FTP running on the target?

ta gõ lệnh nmap -sV {target_IP}

\=> vsftpd 3.0.3

Task 6

From your scans, what OS type is running on the target?

\=> Unix

Task 7

What is the command we need to run in order to display the 'ftp' client help menu?

\=> ftp -h

Task 8

What is username that is used over FTP when you want to log in without having an account?

\=> anonymous

Task 9

What is the response code we get for the FTP message 'Login successful'?

1, Gõ lệnh ftp {target_IP}

2, username: anonymous

3, password: no need. Just Enter.

\=> 230 (Login successful)

Task 10

There are a couple of commands we can use to list the files and directories available on the FTP server. One is dir. What is the other that is a common way to list files on a Linux system.

\=> ls

Task 11

What is the command used to download the file we found on the FTP server?

\=> get

Ta gõ get flag.txt để tải file về local

Mở 1 shell khác. Gõ cat flag.txt để đọc FLAG