FTP-Anonymous
Found 2 related articles
Back to Tags- 2024-11-20
Crocodile - FTP Anonymous Login and Credential Disclosure
Technical writeup detailing the compromise of the Crocodile machine. Initial access is achieved by exploiting the Anonymous FTP login vulnerability on the vsFTPd 3.0.3 service (21/tcp) to disclose files containing credentials (allowed.userlist and allowed.userlist.passwd). Web enumeration via Gobuster reveals a hidden '/login.php' endpoint. The disclosed 'admin' credentials are used to access the web panel and retrieve the flag, completing the box.
- 2024-10-11
TickTackRoot - FTP Anonymous, SSH Brute-Force, and SUID Binary Exploitation
Technical writeup detailing the compromise of the TickTackRoot machine. The path includes initial enumeration of open services (21/FTP, 22/SSH, 80/HTTP). Access is gained by leveraging Anonymous FTP login to find potential usernames, followed by a successful SSH brute-force attack using Hydra. Privilege escalation is achieved by exploiting the SUID binary 'timeout_suid' to gain a root shell, demonstrating a classic Linux privilege escalation technique.