Introduction
Recommending a website for readers who want to understand or learn about artificial intelligence knowledge. The content on this site is presented in an easy-to-understand and humorous manner, which has been very helpful to me. I want to share this treasure trove of a website with everyone, please click the link below to view.https://www.captainbed.cn/f1
Using the Wireshark tool, capture and analyze the FTP protocol. This article uses a Windows 10 x64 configured in VMware Workstation.
1. Virtual Machine Win10 Environment Configuration
Install and activate Windows 10 in a virtual machine. For detailed configuration of the Win10 environment, please refer to this article. When I have more time, I may consider writing an article on virtual machine environment configuration.
2. FileZilla Client Installation and Configuration
Download FileZilla Client
FileZilla Client official download link
/>
Click Download, and choose to download FileZilla
/>
Install FileZilla
Just keep clicking next through the installation process
3. FileZilla Server Installation
Download FileZilla Server
FileZilla Chinese website, first open this website
Click download immediately, and download the Windows version
The version to download depends on your needs
Just wait for the download, if the system reports it’s insecure, you need to adjust some settings
Installation
I won’t go into too much detail about the software installation. It’s mainly used in a virtual machine; you can install it on this computer first and then drag it to the virtual machine, or you can install it directly in the virtual machine.
The following image shows that I installed it on my computer first, and then dragged it to the virtual machine
4. Capture FTP Packets
Preliminary Work
First, start the virtual machine, then start the FileZilla server
Since I’ve used it before, the first time you use it, it’s installing services, repeat clicks, then proceed to the next step once the options below appear
Open FileZilla Server Interface
Simply click OK
Enter the following interface
Next, we need to check the IP address of the virtual machine. Use Win + r to enter cmd, input ipconfig
ipconfig
For example, my IP address is 192.168.231.128
Remember the IP address, go back to the FileZilla Server Interface, click on settings in Edit
Click on IP binding, ensure it is a wildcard *
Then open passive mode settings, enter the IP address of the virtual machine that you just checked
Close the page, return to the main interface, click on users in Edit
First, click add on the right, then set your own password, finally click OK, completing the user configuration
Packet Capture
First, open Wireshark, note that when we capture FTP from a virtual machine, we are capturing Ethernet, not WLAN
On the physical client, open FileZilla, execute FileZilla.exe, enter the previously set hostname, username, and password, then click Quickconnect, the port number should be remembered as 21
If the following result appears, it indicates successful login. If unable to log in, we need to disable the firewall of the virtual machine
Complete Packet Capture
You can see the captured FTP packets as follows