AFZ-logo

JeeZy Blog

fawn

Fawn writeup

Task 1


What does the 3-letter acronym FTP stand for?

Answer : File Transfer Protocol

File Transfer Protocol (FTP) is a standard network protocol used for transferring files between a client and a server over a TCP/IP network, such as the Internet. FTP allows users to upload, download, and manage files on a remote server.

Task 2


Which port does the FTP service listen on usually?

Answer : 21

- Port 21: This is the control port used for establishing the connection between the client and the server. Commands and responses are sent through this port, facilitating the communication necessary to manage the file transfer process.


- Port 20: This is the data port used for the actual transfer of files in active mode FTP. When a data transfer command (such as a file upload or download) is issued, the server connects to the client's data port from its own port 20 to initiate the data transfer.

Task 3


What acronym is used for the secure version of FTP?

Answer : SFTP

SFTP (SSH File Transfer Protocol) is a secure network protocol used for transferring files over a secure shell (SSH) connection. Unlike FTP, which sends data in plain text, SFTP encrypts both the commands and data, providing a secure method of file transfer.

Task 4


What is the command we can use to send an ICMP echo request to test our connection to the target?

Answer : ping

You probably already know what it is, especially if you are following the walkthrough but here it is :


Ping is a network utility used to test the reachability of a host on an Internet Protocol (IP) network. It works by sending Internet Control Message Protocol (ICMP) Echo Request messages to the target host and listening for Echo Reply messages.

Ping measures the round-trip time for messages sent from the source to the destination and back, providing information about the latency and reliability of the connection. It is commonly used to diagnose network connectivity issues and to ensure that a host or network device is online and responsive.

Task 5


From your scans, what version is FTP running on the target?

By doing a simple :

nmap -sV <IP> fawn_1

Answer : vsftpd 3.0.3

vsftpd is a secure and high-performance FTP server software for Unix-like systems. It supports both FTP and FTP over SSL/TLS (FTPS), offering robust security features to ensure safe file transfers. It is known for its simplicity, ease of configuration, and efficient resource usage, making it a popular choice for many Linux distributions.

Task 6


From your scans, what OS type is running on the target?

We can determine it by looking at our previous scan

Answer : Unix

Unix is a powerful, multiuser, multitasking operating system originally developed in the 1970s. It is known for its modular design, simplicity, and portability across various hardware platforms.

Unix systems feature a command-line interface, a hierarchical file system, and a rich set of built-in utilities, making them popular for servers, workstations, and advanced computing environments. Unix has inspired many other operating systems, including Linux and macOS.

Task 7


What is the command we need to run in order to display the 'ftp' client help menu?

Answer : ftp -h

Task 8


What is username that is used over FTP when you want to log in without having an account?

Answer : anonymous

Task 9


What is the response code we get for the FTP message 'Login successful'?

Using an anonymous account :

ftp -a <IP> fawn_2

Answer : 230

Task 10


There are a couple of commands we can use to list the files and directories available on the FTP server. One is dir. What is the other that is a common way to list files on a Linux system.

Answer : ls

Task 11


What is the command used to download the file we found on the FTP server?

Answer : get

Task 12


Submit root flag

fawn_3

Answer : Get your own !

AFZ-logoJeeZy Blog

© 2024-2025 JeeZy Blog