FTP Brute Force Lab

🌱 How to Start This Lab

Follow these instructions to get started:

1. Download the virtual machine from this link.
2. Import the machine into your preferred virtualization manager (VirtualBox, VMware, etc.).
3. Once the machine is running, you can start the lab!

📄 Instructions

• The server has anonymous FTP access enabled.
• There are indications of poor password practices.
• Some system users might be using weak passwords.
• It is your responsibility to investigate and exploit the vulnerable configurations.

1. Connect as an anonymous user

   • Use an FTP client to connect with the username anonymous.
   • Explore the available files.
   • Pay attention to possible clues.

2. Perform a brute force attack

   • Use a tool like hydra along with a password dictionary.
   • Your goal is to gain access as certain system users.

3. Obtain the first flag

   • Once inside the system as a valid user, check their personal directory.
   • Look for the flag.

4. Escalate privileges

   • Discover how to gain administrator (root) permissions using another system user.
   • Retrieve the second flag from a protected location.

Flag #1

• 📁 Location: in one of the users' directories
• 🔑 Requires: finding their credentials through brute force

Flag #2

• 📁 Location: in a restricted system area
• 🔑 Requires: escalating privileges to gain administrator access

Recommended Tools

• FTP client (ftp)
• hydra
• Password dictionary like rockyou.txt (available in many security distributions)

Remember: there are no magic solutions. Observe, reason, and use the appropriate tools. Knowledge is your best ally.

Happy Hacking!