How Does a Hacker Attempt to Log In Using the Anonymous User?

If you are a hacker, then you might have performed an attack on an FTP server using an Anonymous user.

Configure an FTP server with an Anonymous user

Step 1: Check whether FTP is configured

If you want to access the FTP server on your Linux machine, type the command below to check whether FTP is configured:

└─$ ftp localhost
Trying [::1]:21 ...
ftp: Can't connect to '::1:21': Connection refused
Trying ...
ftp: Can't connect to '': Connection refused
Trying ...
ftp: Can't connect to '': Connection refused
ftp: Can't connect to 'localhost:ftp'
ftp> bye                #To close FTP session

Step 2: Install FTP-Server (vsftpd)

vsftpd is an FTP server for Unix-like systems, including Linux. It is the default FTP server in the Ubuntu, CentOS, Fedora, NimbleX, Slackware and RHEL Linux distributions. It is licensed under the GNU General Public License. It supports IPv6, TLS, and FTPS. (Source: Wiki)

To install the FTP server, use the following command:

└─$ sudo apt-get install vsftpd

Step 3: Start FTP Server

Start the FTP server and check its status using the commands below:

└─$ sudo service vsftpd start      #To Start the FTP server
└─$ sudo service vsftpd status    #To check the status of the FTP server

Step 4: Configure "anonymous_enable"

This is the important part, where many users make a mistake: they enable anonymous login. Let's see how.

Open the vsftpd configuration file (/etc/vsftpd.conf) in a text editor (vim, nano, etc.) and set anonymous_enable to YES if you want to enable anonymous login, otherwise NO (by default). I have set it to YES, as I have enabled anonymous login:

└─$ sudo nano /etc/vsftpd.conf

Step 5: Restart the FTP server

Use the below commands to restart the FTP server:

└─$ sudo service vsftpd stop      #To Stop the FTP server
└─$ sudo service vsftpd start    #To start the FTP server again

Penetrate the FTP server

From here on, we are going to learn what hackers do and how they find a vulnerability to get access to your FTP server.

Phase 1: Enumeration

A hacker always starts by scanning the ports of the FTP server. Let's see how.
To scan the server we use Nmap:

└─$ sudo nmap -sV {Target IP}

If you do not know your IP address, use the following command:

└─$ ifconfig

Phase 2: Attempt to log in

As you can see from the status, the FTP server is running on port 21. So now we are going to connect to the server and attempt to log in as the anonymous user:

└─$ ftp {Target IP}
Connected to {Target IP}
220 (vsFTPd 3.0.3)
Name (IP:user): anonymous
331 Please specify the password
230 Login successful
Remote system type is UNIX
Using binary mode to transfer files.

As you can see, we are successfully connected. If you don't know the FTP commands, you can use the help command.


That is all about the FTP server, and I hope you have understood how a hacker tries to log in using an anonymous user. If you find this error on your server, then fix it by reversing the process.
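To check a server for the Step 4 mistake before reversing it, here is an added example (not part of the original post) that reads a vsftpd configuration file and reports whether anonymous login is effectively enabled. It goes slightly beyond the post by also reading write_enable and anon_upload_enable, two further vsftpd options, to flag the case where anonymous users may upload. The function names are hypothetical, and the fallback values assume the built-in defaults documented in vsftpd.conf(5), where a missing or commented-out anonymous_enable line means YES.

```shell
#!/bin/sh
# Added example (not from the original post): audit a vsftpd config for anonymous FTP.

# vsftpd_effective FILE OPTION DEFAULT
# Print the value vsftpd ends up with for OPTION: commented lines are ignored,
# the last "option=value" line wins, DEFAULT is used when the option is absent.
vsftpd_effective() {
    awk -F= -v opt="$2" -v val="$3" '
        /^[ \t]*#/ { next }                                  # commented-out settings do not count
        $1 == opt  { val = $2; sub(/[ \t\r]+$/, "", val) }   # vsftpd allows no spaces around "="
        END        { print toupper(val) }
    ' "$1"
}

# is_yes VALUE: true for the spellings vsftpd parses as boolean true.
is_yes() {
    case "$1" in YES|TRUE|1) return 0 ;; *) return 1 ;; esac
}

# audit_anon_ftp [FILE]
# Prints one finding line; exit status 0 = anonymous login off, 1 = on, 2 = unreadable.
audit_anon_ftp() {
    conf=${1:-/etc/vsftpd.conf}
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 2; }
    # Assumed built-in defaults per vsftpd.conf(5): anonymous_enable=YES, write options=NO.
    anon=$(vsftpd_effective "$conf" anonymous_enable YES)
    write=$(vsftpd_effective "$conf" write_enable NO)
    upload=$(vsftpd_effective "$conf" anon_upload_enable NO)
    if ! is_yes "$anon"; then
        echo "OK: anonymous login disabled (anonymous_enable=$anon)"
        return 0
    fi
    if is_yes "$write" && is_yes "$upload"; then
        echo "HIGH: anonymous login enabled and anonymous upload permitted"
    else
        echo "WARN: anonymous login enabled (anonymous_enable=$anon)"
    fi
    return 1
}

# Usage: audit_anon_ftp /etc/vsftpd.conf
```

After changing the file, restart vsftpd as in Step 5 so the running server picks up the new value.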
