TFTP File Server - Metasploit
This page contains detailed information about how to use the auxiliary/server/tftp metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.
Module Overview
Name: TFTP File Server
Module: auxiliary/server/tftp
Source code: modules/auxiliary/server/tftp.rb
Disclosure date: -
Last modification time: 2021-01-28 10:35:25 +0000
Supported architecture(s): -
Supported platform(s): -
Target service / protocol: -
Target network port(s): -
List of CVEs: -
This module provides a TFTP service
Module Ranking and Traits
Module Ranking:
- normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.
Basic Usage
msf > use auxiliary/server/tftp
msf auxiliary(tftp) > show targets
... a list of targets ...
msf auxiliary(tftp) > set TARGET target-id
msf auxiliary(tftp) > show options
... show and set options ...
msf auxiliary(tftp) > exploit
Go back to menu.
Msfconsole Usage
Here is how the server/tftp auxiliary module looks in the msfconsole:
msf6 > use auxiliary/server/tftp
msf6 auxiliary(server/tftp) > show info
Name: TFTP File Server
Module: auxiliary/server/tftp
License: Metasploit Framework License (BSD)
Rank: Normal
Provided by:
jduck <[email protected]>
todb <[email protected]>
Available actions:
Name Description
---- -----------
Service Serve files via TFTP
Check supported:
No
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
OUTPUTPATH /tmp yes The directory in which uploaded files will be written.
SRVHOST 0.0.0.0 yes The local host to listen on.
SRVPORT 69 yes The local port to listen on.
TFTPROOT /tmp yes The TFTP root directory to serve files from
Description:
This module provides a TFTP service
Module Options
This is a complete list of options available in the server/tftp auxiliary module:
msf6 auxiliary(server/tftp) > show options
Module options (auxiliary/server/tftp):
Name Current Setting Required Description
---- --------------- -------- -----------
OUTPUTPATH /tmp yes The directory in which uploaded files will be written.
SRVHOST 0.0.0.0 yes The local host to listen on.
SRVPORT 69 yes The local port to listen on.
TFTPROOT /tmp yes The TFTP root directory to serve files from
Auxiliary action:
Name Description
---- -----------
Service Serve files via TFTP
Advanced Options
Here is a complete list of advanced options supported by the server/tftp auxiliary module:
msf6 auxiliary(server/tftp) > show advanced
Module advanced options (auxiliary/server/tftp):
Name Current Setting Required Description
---- --------------- -------- -----------
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Auxiliary Actions
This is a list of all auxiliary actions that the server/tftp module can do:
msf6 auxiliary(server/tftp) > show actions
Auxiliary actions:
Name Description
---- -----------
Service Serve files via TFTP
Evasion Options
Here is the full list of possible evasion options supported by the server/tftp auxiliary module in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):
msf6 auxiliary(server/tftp) > show evasion
Module evasion options:
Name Current Setting Required Description
---- --------------- -------- -----------
Go back to menu.
Related Pull Requests
- #14696 Merged Pull Request: Zeitwerk rex folder
- #13443 Merged Pull Request: Add descriptions to auxiliary modules Actions
- #8716 Merged Pull Request: Print_Status -> Print_Good (And OCD bits 'n bobs)
- #8338 Merged Pull Request: Fix msf/core and self.class msftidy warnings
- #6655 Merged Pull Request: use MetasploitModule as a class name
- #6648 Merged Pull Request: Change metasploit class names
- #3077 Merged Pull Request: Allow TFTP server to take a host/port argument
- #2525 Merged Pull Request: Change module boilerplate
- #1228 Merged Pull Request: MSFTIDY cleanup #1 - auxiliary
Go back to menu.
See Also
Check also the following modules related to this module:
- auxiliary/admin/tftp/tftp_transfer_util
- auxiliary/dos/scada/d20_tftp_overflow
- auxiliary/dos/windows/tftp/pt360_write
- auxiliary/dos/windows/tftp/solarwinds
- auxiliary/scanner/snmp/cisco_config_tftp
- auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp
- auxiliary/scanner/tftp/netdecision_tftp
- auxiliary/scanner/tftp/tftpbrute
- exploit/windows/ftp/32bitftp_list_reply
- exploit/windows/ftp/freefloatftp_user
- exploit/windows/ftp/freefloatftp_wbem
- exploit/windows/ftp/netterm_netftpd_user
- exploit/windows/ftp/scriptftp_list
- exploit/windows/tftp/attftp_long_filename
- exploit/windows/tftp/distinct_tftp_traversal
- exploit/windows/tftp/dlink_long_filename
- exploit/windows/tftp/futuresoft_transfermode
- exploit/windows/tftp/netdecision_tftp_traversal
- exploit/windows/tftp/opentftp_error_code
- exploit/windows/tftp/quick_tftp_pro_mode
- exploit/windows/tftp/tftpd32_long_filename
- exploit/windows/tftp/tftpdwin_long_filename
- exploit/windows/tftp/tftpserver_wrq_bof
- exploit/windows/tftp/threectftpsvc_long_mode
- post/windows/gather/credentials/smartftp
- auxiliary/dos/http/ms15_034_ulonglongadd
- auxiliary/dos/http/wordpress_long_password_dos
- auxiliary/dos/syslog/rsyslog_long_tag
- auxiliary/fuzzers/http/http_get_uri_long
- encoder/mipsbe/longxor
- encoder/mipsle/longxor
- encoder/ppc/longxor
- encoder/ppc/longxor_tag
- encoder/sparc/longxor_tag
- exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
- exploit/multi/http/playsms_filename_exec
- exploit/windows/http/hp_power_manager_filename
Authors
- jduck
- todb
Version
This page has been produced using Metasploit Framework version 6.1.27-dev. For more modules, visit the Metasploit Module Library.
Go back to menu.