FTP
Nmap discovered a FTP server on the target port 21
The running service is vsftpd 3.0.3
Null Session
┌──(kali㉿kali)-[~/archive/thm/boiler-ctf]
└─$ ftp $IP
Connected to 10.10.124.235.
220 (vsFTPd 3.0.3)
Name (10.10.124.235:kali): anonymous
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> The target FTP server allows anonymous authentication
┌──(kali㉿kali)-[~/archive/thm/boiler-ctf]
└─$ touch test
ftp> put test
local: test remote: test
229 Entering Extended Passive Mode (|||46969|)
550 Permission denied.It doesn’t allow file upload
ftp> ls -a
229 Entering Extended Passive Mode (|||43849|)
150 Here comes the directory listing.
drwxr-xr-x 2 ftp ftp 4096 Aug 22 2019 .
drwxr-xr-x 2 ftp ftp 4096 Aug 22 2019 ..
-rw-r--r-- 1 ftp ftp 74 Aug 21 2019 .info.txt
226 Directory send OK.
ftp> get .info.txt
local: .info.txt remote: .info.txt
229 Entering Extended Passive Mode (|||46623|)
150 Opening BINARY mode data connection for .info.txt (74 bytes).
100% |**********************| 74 1.90 MiB/s 00:00 ETA
226 Transfer complete.
74 bytes received in 00:00 (0.92 KiB/s)It contains a single hidden file; .info.txt
┌──(kali㉿kali)-[~/archive/thm/boiler-ctf]
└─$ cat .info.txt
Whfg jnagrq gb frr vs lbh svaq vg. Yby. Erzrzore: Rahzrengvba vf gur xrl!The .info.txt file contains ambiguous text, possibly encoded
It was encoded using ROT13
The following is the decoded text;
Just wanted to see if you find it. Lol. Remember: Enumeration is the key!