Introduction
The Fawn machine on Hack The Box (HTB) is an excellent beginner-friendly challenge that teaches FTP enumeration and exploitation. Many networks still use File Transfer Protocol (FTP) for file sharing, but when misconfigured, it can lead to serious security risks.
In this walkthrough, we’ll explore:
✅ How to enumerate FTP services
✅ Exploiting anonymous FTP login
✅ Capturing the flag
Let’s dive in! 🚀
1️⃣ Setting Up & Scanning the Target
Before attacking any machine, we first verify connectivity by pinging the target:
ping <target_IP>
Once confirmed, we scan for open ports and services using Nmap:
nmap -sV -Pn -T4 <target_IP>
Scan Results:
21/tcp open ftp vsftpd 3.0.3
The scan reveals port 21 (FTP) is open, and it’s running vsftpd 3.0.3.
2️⃣ Exploiting Anonymous FTP Login
By default, FTP requires authentication, but some servers allow anonymous access without credentials. Let’s test it:
ftp <target_IP>
When prompted for a username, we enter:
anonymous
For the password, we can input anything (or leave it blank).
🎉 Success! We’re logged in without authentication.
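To see what happens on the wire behind that login prompt, here is an added example (not code from this post, from Hack The Box, or from vsftpd): a toy server that speaks only the login part of the FTP dialogue, and an audit function built on Python's ftplib that reports whether a service accepts the anonymous account, which is the check a defender runs against their own servers. The reply strings, the host 127.0.0.1 and the OS-chosen port are assumptions; the server is started with a known-bad and a known-good policy so the check can be exercised offline.

```python
"""Toy FTP control channel plus an anonymous-login audit.

Added example for this walkthrough; it is not code from the post, from HTB,
or from vsftpd. The server implements only the login part of FTP (replies
220 / 331 / 230 / 530 / 221, wording assumed to mirror vsftpd's) so the
check can be run offline against a known-bad and a known-good policy.
"""
import socketserver
import threading
from ftplib import FTP, error_perm


class LoginOnlyFTPHandler(socketserver.StreamRequestHandler):
    """Answers USER / PASS / QUIT; every other command is refused."""

    def handle(self):
        allow_anon = self.server.allow_anonymous   # policy set on the server object
        self.wfile.write(b"220 (toy ftpd) ready\r\n")
        user = None
        while True:
            line = self.rfile.readline()
            if not line:                            # client went away
                return
            cmd, _, arg = line.decode("ascii", "replace").strip().partition(" ")
            cmd = cmd.upper()
            if cmd == "USER":
                user = arg
                self.wfile.write(b"331 Please specify the password.\r\n")
            elif cmd == "PASS":
                # The password is never checked for 'anonymous': any string works,
                # which is why the account must be disabled rather than "hardened".
                if user == "anonymous" and allow_anon:
                    self.wfile.write(b"230 Login successful.\r\n")
                else:
                    self.wfile.write(b"530 Login incorrect.\r\n")
            elif cmd == "QUIT":
                self.wfile.write(b"221 Goodbye.\r\n")
                return
            else:
                self.wfile.write(b"530 Please login with USER and PASS.\r\n")


class ToyFTPServer(socketserver.ThreadingTCPServer):
    allow_reuse_address = True
    daemon_threads = True

    def __init__(self, allow_anonymous):
        # Port 0 lets the OS pick a free port; read it back from server_address.
        super().__init__(("127.0.0.1", 0), LoginOnlyFTPHandler)
        self.allow_anonymous = allow_anonymous


def anonymous_login_allowed(host, port, timeout=5):
    """Return True if the FTP service at host:port accepts user 'anonymous'."""
    ftp = FTP()
    try:
        ftp.connect(host, port, timeout=timeout)
        # RFC 1635 asks for an e-mail address as the anonymous password;
        # a misconfigured server accepts anything here.
        ftp.login("anonymous", "audit@example.com")
    except error_perm:                 # 5xx reply to USER or PASS
        ftp.close()
        return False
    ftp.quit()
    return True


def audit_policy(allow_anonymous):
    """Start a toy server with the given policy, audit it, and return the verdict."""
    server = ToyFTPServer(allow_anonymous)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return anonymous_login_allowed("127.0.0.1", server.server_address[1])
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print("misconfigured server accepts anonymous:", audit_policy(True))   # True
    print("hardened server accepts anonymous:     ", audit_policy(False))  # False
```

The client side is the same USER/PASS exchange the ftp command performs interactively; the difference is that a 530 reply becomes a clean False instead of an error message, so the function can be run across a list of your own hosts as a recurring check.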
3️⃣ Capturing the Flag
Once inside, we list the files available on the server:
ls
We spot flag.txt—let’s download it:
get flag.txt
After downloading, we exit FTP and read the flag:
cat flag.txt
🏆 Flag captured! Challenge complete.
Key Takeaways & Security Best Practices
🔴 Disable Anonymous FTP Access – Never allow unauthorized users to access files.
🔴 Use FTPS or SFTP – FTPS wraps FTP in SSL/TLS and SFTP runs over SSH; either one encrypts credentials and data in transit and prevents Man-in-the-Middle (MitM) attacks.
🔴 Monitor FTP Logs – Attackers often exploit misconfigured FTP servers to gain access.
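The first and third takeaways can both be turned into something runnable. The following is an added example, not code from this post, from Hack The Box or from vsftpd: a small audit of a vsftpd.conf that flags the settings behind a Fawn-style box (with the weak fragment beside its corrected counterpart), and a detector that runs over vsftpd-style log lines and alerts on anonymous sessions and on repeated failed logins from one client. Both configuration fragments and all log lines are constructed; the log layout only approximates vsftpd's, and the regular expression is an assumption written for that layout.

```python
"""Audit a vsftpd.conf and flag FTP abuse in vsftpd-style logs.

Added example for this walkthrough; not code from the post, HTB, or vsftpd.
The configuration fragments and log lines are constructed; the log layout
only approximates vsftpd's and the regex is an assumption for that layout.
"""
import re

# Constructed: a configuration that behaves like the Fawn box ...
WEAK_CONF = """\
listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=YES
ssl_enable=NO
"""

# ... and the corrected counterpart for each of the three takeaways.
HARDENED_CONF = """\
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=NO
ssl_enable=YES
force_local_logins_ssl=YES
force_local_data_ssl=YES
xferlog_enable=YES
"""


def parse_vsftpd_conf(text):
    """key=value lines, '#' comments; keys lower-cased, values upper-cased."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            settings[key.strip().lower()] = value.strip().upper()
    return settings


def audit_vsftpd_conf(text):
    """Return findings, using vsftpd's compiled-in defaults for missing keys."""
    s = parse_vsftpd_conf(text)
    findings = []
    # vsftpd defaults anonymous_enable to YES, so an absent key is still a finding.
    anon = s.get("anonymous_enable", "YES") == "YES"
    if anon:
        findings.append("anonymous_enable=YES: the 'anonymous' account needs no password")
    if s.get("ssl_enable", "NO") != "YES":
        findings.append("ssl_enable is not YES: logins and files cross the wire in cleartext")
    elif (s.get("force_local_logins_ssl", "YES") != "YES"
          or s.get("force_local_data_ssl", "YES") != "YES"):
        findings.append("TLS is available but not enforced for local users")
    if anon and s.get("write_enable", "NO") == "YES":
        findings.append("write_enable=YES with anonymous access: review anon_upload_enable")
    if s.get("xferlog_enable", "NO") != "YES":
        findings.append("xferlog_enable is not YES: logins and transfers leave no log")
    return findings


# Constructed vsftpd-style log lines: a short password-guessing run, then the
# anonymous login and download from this walkthrough, then a normal user.
SAMPLE_LOG = [
    'Sat Mar 15 10:11:40 2025 [pid 1336] CONNECT: Client "10.10.14.5"',
    'Sat Mar 15 10:11:50 2025 [pid 1336] [bob] FAIL LOGIN: Client "10.10.14.5"',
    'Sat Mar 15 10:11:53 2025 [pid 1336] [bob] FAIL LOGIN: Client "10.10.14.5"',
    'Sat Mar 15 10:11:57 2025 [pid 1336] [bob] FAIL LOGIN: Client "10.10.14.5"',
    'Sat Mar 15 10:12:01 2025 [pid 1337] [anonymous] OK LOGIN: Client "10.10.14.5", anon password "?"',
    'Sat Mar 15 10:12:09 2025 [pid 1337] [anonymous] OK DOWNLOAD: Client "10.10.14.5", "/flag.txt", 32 bytes, 1.20Kbyte/sec',
    'Sat Mar 15 10:15:00 2025 [pid 1340] [alice] OK LOGIN: Client "10.10.20.7"',
]

LOG_RE = re.compile(
    r'^\w{3} \w{3} +\d{1,2} \d{2}:\d{2}:\d{2} \d{4} \[pid \d+\] '
    r'(?:\[(?P<user>[^\]]+)\] )?(?P<status>OK|FAIL) (?P<action>[A-Z]+): Client "(?P<ip>[^"]+)"'
)


def detect_ftp_abuse(log_lines, fail_threshold=3):
    """Alert on anonymous sessions and on repeated failed logins per client IP."""
    alerts = []
    failures = {}
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:                       # CONNECT lines and anything unparsed
            continue
        user, status, action, ip = m.group("user", "status", "action", "ip")
        if user == "anonymous" and status == "OK" and action == "LOGIN":
            alerts.append(f"anonymous login from {ip}")
        elif user == "anonymous" and status == "OK" and action in ("DOWNLOAD", "UPLOAD"):
            alerts.append(f"anonymous {action.lower()} from {ip}")
        elif status == "FAIL" and action == "LOGIN":
            failures[ip] = failures.get(ip, 0) + 1
    for ip, count in failures.items():
        if count >= fail_threshold:
            alerts.append(f"{count} failed logins from {ip}: possible password guessing")
    return alerts


if __name__ == "__main__":
    for finding in audit_vsftpd_conf(WEAK_CONF):
        print("weak conf:", finding)
    print("hardened conf findings:", audit_vsftpd_conf(HARDENED_CONF))
    for alert in detect_ftp_abuse(SAMPLE_LOG):
        print("alert:", alert)
```

The audit deliberately treats a missing anonymous_enable as a finding, because vsftpd's own default for that key is YES: a minimal config that never mentions it is exactly the state the Fawn box is in. The detector keeps the anonymous login and the download as separate alerts so a session that logs in but transfers nothing is still visible.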
Final Thoughts
The Fawn machine is a great introduction to FTP exploitation and highlights real-world security risks. If you’re new to ethical hacking, this is a must-try challenge!