Hack The Box Fawn Machine: Mastering FTP Protocol & Vulnerability
In this guide, we will explore the Fawn machine on Hack The Box, focusing on the File Transfer Protocol (FTP) and how misconfigurations can lead to unauthorized access in a penetration testing environment.
Figure 1: Introduction to the Fawn machine and FTP basics.
Fawn Starting Point: Essential Tasks
- Task 1: What does FTP stand for? Answer: File Transfer Protocol
- Task 2: Which port does FTP listen on? Answer: 21
- Task 3: What secure extension of SSH replaces FTP? Answer: SFTP
- Task 4: Command to test connection? Answer: ping
- Task 5: FTP version? Answer: vsftpd 3.0.3
- Task 6: Target OS type? Answer: Unix
- Task 7: Command for help menu? Answer: ftp -?
- Task 8: Username for no-account login? Answer: anonymous
- Task 9: 'Login successful' response code? Answer: 230
- Task 10: Command to list files? Answer: ls
- Task 11: Command to download file? Answer: get
Understanding FTP Misconfigurations
FTP is a standard protocol for transferring files, but it lacks encryption by default, making it vulnerable to Man-in-the-Middle (MitM) attacks. A critical vulnerability occurs when the service is configured to allow anonymous login.
When administrators enable anonymous access without securing the contents, anyone can log in to the server, browse directories, and download sensitive files—including logs that could map out a network.
Figure 2: Scanning the target and identifying the FTP service.
Step-by-Step Exploitation: How to Solve Fawn
- Enumeration: Verify connectivity with
ping {TARGET_IP}, then scan the target to confirm FTP is running on port 21. - Exploiting Anonymous Login: Access the service using the
ftp {TARGET_IP}command. When prompted for a username, typeanonymousand hit Enter (no password required). - Navigating and Downloading: Once logged in (indicated by status code 230), use
lsto view available files. Use theget flag.txtcommand to download the flag to your local machine.
Figure 3: Retrieving the flag from the FTP server.
Disclaimer: This content is for educational purposes only. All techniques described are intended for use in authorized, isolated, and legal cybersecurity training environments like Hack The Box. The author does not condone or support the use of these techniques against any real-world systems without explicit permission.
Congratulations on mastering FTP security fundamentals!
Comments
Post a Comment