Chapter 13. Reconnaissance
Performing target reconnaissance is typically one of the first steps in a penetration test. The goal during the recon phase is to gather as much information about the target as possible, using all available resources. This includes information such as names, email addresses and phone numbers, IP address space, open network ports, and software in use.
Commands in Use
In this chapter, we introduce the ftp command.
ftp
The File Transfer Protocol (FTP) command is used to transfer files to and from an FTP server.
Common command options
- -n: Do not attempt to automatically log in to the server
Command example
To connect to an FTP server at 192.168.0.125:
ftp 192.168.0.125
By default, the ftp command will attempt to connect over TCP port 21. If you would like to connect over a different port, specify it by using the port number after the host. To connect on port 50:
ftp 192.168.0.125 50
Once connected to the FTP server, you can use interactive commands to send and receive files. The ls command will perform a directory listing; the cd command will change directories; put is used to transfer files to the FTP server; and get is used to transfer files from the FTP server.
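When ftp connects, the server's first reply is its 220 greeting, which often names the server software and version, the same "software in use" detail the recon phase collects. The following added example (not from the book) parses a greeting in the RFC 959 reply format and flags a dotted version number; the function names and sample greetings are constructed for illustration.

```bash
#!/bin/sh
# Added example: parse an FTP greeting and flag version disclosure.
CR=$(printf '\r')

# parse_reply: read one FTP reply on stdin, print "CODE|TEXT".
# RFC 959: a one-line reply is "NNN text"; a multi-line reply opens with
# "NNN-text" and ends at the first line starting with the same code + space.
parse_reply() {
    code="" text=""
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%"$CR"}                      # FTP lines end in CRLF
        if [ -z "$code" ]; then
            case $line in
                [0-9][0-9][0-9]-*|[0-9][0-9][0-9]" "*) code=${line%"${line#???}"} ;;
                *) continue ;;                  # skip anything before the reply
            esac
        fi
        case $line in
            "$code "*) text="$text${text:+ }${line#????}"
                       printf '%s|%s\n' "$code" "$text"; return 0 ;;
            "$code-"*) text="$text${text:+ }${line#????}" ;;
            *)         text="$text${text:+ }$line" ;;
        esac
    done
    return 1                                    # no complete reply seen
}

# discloses_version: heuristic, true when the text has a dotted version number.
discloses_version() {
    printf '%s\n' "$1" | grep -Eq '[0-9]+\.[0-9]+'
}

# audit_greeting: exit 0 = nothing flagged, 1 = version shown, 2 = unparsed.
audit_greeting() {
    reply=$(parse_reply) || { echo "UNPARSED"; return 2; }
    if discloses_version "${reply#*|}"; then
        echo "DISCLOSES ${reply%%|*}: ${reply#*|}"; return 1
    fi
    echo "OK ${reply%%|*}"
}

# Constructed sample greetings (not captured from any real server).
SAMPLE_VERBOSE=$(printf '220-Welcome to files.example.test\r\n220-ProFTPD 1.3.5 Server ready\r\n220 Please log in\r\n')
SAMPLE_QUIET=$(printf '220 FTP service ready\r\n')

printf '%s\n' "$SAMPLE_VERBOSE" | audit_greeting || true
printf '%s\n' "$SAMPLE_QUIET" | audit_greeting
```

To check a server you administer, save the greeting it prints on connect to a file and pipe that file into audit_greeting.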
Crawling Websites
To copy a web page from across a network, you can use the curl command. At its core, curl is simple to use, but it has many advanced options such as the ability to handle remote authentication and session cookies. It is common to use the -L option with curl, as it will ...