#FTPSecurity

2025-11-06

The Day I Found an Unsecured FTP — A Responsible Disclosure Story
This responsible disclosure article documents the discovery of an unsecured FTP server during security reconnaissance. **Vulnerability Type**: Unsecured FTP service with information disclosure and potential anonymous access. **Reconnaissance Process**: The researcher used assetfinder for subdomain discovery, DNS lookup to resolve target.example to 203.0.113.45, and nmap to identify open services (FTP, SMTP, SMTP-S, MySQL, POP3, HTTP). **Security Flaw**: The FTP service allowed session establishment with some directory listings visible even without valid credentials, indicating weak configuration. **Technical Details**: The researcher connected via FTP client and observed that while authentication was technically required, the service exposed directory contents and allowed informational commands (ls, dir, pwd) without full authentication - a classic misconfiguration. **Impact**: Exposed directory structures could reveal sensitive filenames, system paths, or data files. The service combination (FTP + MySQL + other services) also indicated poor security posture. **Responsible Approach**: The researcher practiced ethical disclosure by stopping at observation, taking screenshots without documenting specific files, and avoiding destructive actions. They focused on identifying the vulnerability for responsible reporting rather than exploitation. **Mitigation**: Secure FTP configurations should disable anonymous access, restrict directory visibility, implement proper authentication, and ensure least-privilege access controls. Regular security audits of exposed services are essential. #infosec #BugBounty #Cybersecurity #ResponsibleDisclosure #FTPSecurity
medium.com/@H4RUK7/the-day-i-f

2025-11-06

The Day I Found an Unsecured FTP — A Responsible Disclosure Story
This responsible disclosure article documents the discovery of an unsecured FTP service during security reconnaissance targeting a specific domain. **Vulnerability Type**: Unsecured FTP service with information disclosure and improper access controls. **Reconnaissance Process**: The researcher used assetfinder for subdomain discovery, identified target.example domain, performed DNS lookup resolving to 203.0.113.45, then conducted nmap service enumeration revealing FTP, SMTP(S), MySQL, POP3, and HTTP services. **Security Flaw**: The FTP service accepted connections and exposed directory listings even without valid authentication credentials, allowing unauthorized information disclosure. **Technical Details**: The researcher connected using basic FTP client commands and observed that while authentication was technically required, the service leaked directory contents and allowed informational commands (ls, dir, pwd) without proper validation. **Responsible Approach**: The researcher practiced ethical disclosure by stopping at observation, taking redacted screenshots, and avoiding destructive exploitation techniques. They focused on documenting the misconfiguration for responsible reporting rather than accessing sensitive data. **Impact**: Exposed directory structures could reveal system architecture, file naming conventions, or sensitive data paths, potentially facilitating further attacks or reconnaissance. **Mitigation**: Proper FTP configuration should disable anonymous access, implement strict authentication requirements, restrict directory visibility, and ensure least-privilege access controls with proper file system permissions. Regular security audits of exposed services are essential. #infosec #BugBounty #Cybersecurity #ResponsibleDisclosure #FTPSecurity #VulnerabilityDisclosure
medium.com/@H4RUK7/the-day-i-f
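The mitigation points listed in both posts (disable anonymous access, require authentication, restrict directory visibility, least privilege) can be checked mechanically against an FTP daemon's configuration. The audit script below is an added example, not code from the article or the posts; it assumes the daemon is vsftpd (the posts never name the server software) and uses real vsftpd option names, and the two configuration samples in it are constructed, not taken from the disclosed server.

```python
"""Audit a vsftpd.conf against the hardening points in the posts above.

Added example. Assumption: the FTP service is vsftpd. Both sample configs
below are constructed for illustration.
"""
from __future__ import annotations

# Baseline: option -> (expected value, why it matters). All keys are
# genuine vsftpd options. A missing key is reported too, because leaving
# it unset means relying on compiled-in defaults (anonymous_enable, for
# example, defaults to YES in vsftpd).
BASELINE: dict[str, tuple[str, str]] = {
    "anonymous_enable": ("NO", "anonymous logins expose directory listings to anyone"),
    "local_enable": ("YES", "only authenticated local accounts may log in"),
    "chroot_local_user": ("YES", "confines each user to their home directory"),
    "ssl_enable": ("YES", "without TLS, credentials and listings travel in cleartext"),
    "force_local_logins_ssl": ("YES", "refuses plaintext logins"),
    "force_local_data_ssl": ("YES", "refuses plaintext data channels"),
    "write_enable": ("NO", "least privilege: read-only unless uploads are needed"),
}

WEAK_CONF = """
# constructed sample: the kind of configuration the posts describe
listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=YES
"""

HARDENED_CONF = """
# constructed sample: same service with the posts' mitigations applied
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=NO
chroot_local_user=YES
ssl_enable=YES
force_local_logins_ssl=YES
force_local_data_ssl=YES
"""


def parse_vsftpd_conf(text: str) -> dict[str, str]:
    """Parse key=value lines; vsftpd ignores blank lines and '#' comments."""
    options: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        options[key.strip()] = value.strip()
    return options


def audit(options: dict[str, str]) -> list[str]:
    """Return one finding per baseline option that is missing or set weakly."""
    findings: list[str] = []
    for key, (expected, reason) in BASELINE.items():
        actual = options.get(key)
        if actual is None:
            findings.append(f"{key}: not set (expected {expected}); {reason}")
        elif actual.upper() != expected:
            findings.append(f"{key}={actual} (expected {expected}); {reason}")
    return findings


def audit_text(text: str) -> list[str]:
    """Convenience wrapper: parse a config file's contents and audit it."""
    return audit(parse_vsftpd_conf(text))


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        findings = audit_text(conf)
        print(f"{label}: {len(findings)} finding(s)")
        for finding in findings:
            print("  -", finding)
```

Run against a live system with `audit_text(open("/etc/vsftpd.conf").read())`; the baseline is deliberately strict, so an option such as `write_enable=YES` on a server that legitimately accepts uploads is a prompt to confirm the decision, not necessarily a defect.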

Client Info

Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst