aoc2cmnftp

FTP - File Transfer Protocol
FTP uses 2 connections

port 20  -  DATA
port 21  -  Commands

ftp <ip>
anonymous login
after loging we got a .sh file
we changed the .sh file with nc reverse shell in pentest monkey
and put the edited .sh file replacing original

then set nc listerner in kali
we got reverse shell with root permission

Task

• Name the directory on the FTP server that has data accessible by the “anonymous” user

  public
  

• What script gets executed within this directory?

  backup.sh
  

• What movie did Santa have on his Christmas shopping list?

  The Polar Express
  

• Re-upload this script to contain malicious data (just like we did in section 9.6. Output the contents of /root/flag.txt!

  [redacted challenge flag]