FTP
Note
Sometimes clues are put here.
Old version of ftp might be vulnerable
Look at the version
Search the exploit using Google / Searchsploit / Rapid7
If you find some credential, try it on SSH / Login page / database
Connection
Many ftp-servers allow anonymous users. anonymous:anonymous
Nmap script enumeration
Vulnerability scanning
Bruteforce password known username
Bruteforce Service Password
Refer bruteforce note
Enumeration of users
Command
Configuration Files
Vulnerable versions
ProFTPD-1.3.3c Backdoor
ProFTPD 1.3.5 Mod_Copy Command Execution
VSFTPD v2.3.4 Backdoor Command Execution
Exploitation
Gather version numbers
Searchsploit
Default Creds
Creds previously gathered
Download the software
Last updated