Understanding FTP using raw FTP commands and telnet

Posted by iphp on May 5, 2009 in Development Technology, Web Development |
Subscribe

Both FTP and SMTP are simple text based protocols. A previous article showed how to check if an email address exists using SMTP commands from the terminal. Here I would like to show you how you can use raw FTP commands to connect to an FTP server, login, traverse directories and even download files. But before we do this we need to understand how FTP is different from the other protocols. 

Firstly FTP (File Transfer Protocol) uses two channels, the data channel and the control channel.  This is called out-of-band control. The control channel sends commands to the FTP server and the data channel is used for data (to retrieve files from the server, etc).

Secondly there are two major modes of FTP operation, the active mode and the passive modes. The difference lies in the way the data channels are opened. In Active FTP, the FTP server will connect to the client port and send data to it. In Passive FTP, the FTP server will tell the client which port to connect to for retrieving data. Firewalls can complicate the process on both sides. 

In our example, we will use Passive FTP (avoiding firewall issues on client) to download a file using anonymous FTP login to the IETF servers. There are a lot of files on this server by some estimates it is about 4GB. We will pick up a small file called ftpext-charter.txt located in the /ietf/ftpext/ folder on the server.

Open the terminal/command prompt (On windows, Go to Start > Run > type cmd). Once you are on the command prompt, type this command to connect to the FTP server and issue commands

C:\> telnet ftp.ietf.org 21

220 ProFTPD 1.3.1 Server (ProFTPD) [64.170.98.33]
USER anonymous
331 Anonymous login ok, send complete email address as your password
PASS blogger@webdigi.co.uk
230 Anonymous access granted, restrictions apply
CWD ietf/ftpext/
250 CWD command successful
PASV
227 Entering Passive Mode (64,170,98,33,151,31).
RETR ftpext-charter.txt
150 Opening ASCII mode data connection for ftpext-charter.txt (6060 bytes)
226 Transfer complete
QUIT
221 Goodbye. 

                                     Commands/Response on control channel

We issued these five commands in the following order at lines 2, 4, 6, 8, 10 and 13
USER – Send username to the FTP server
PASS  - Send the password (Anonymous servers need email address)
CWD  - Change the working directory on the server
PASV – To enter the passive mode (To let client connect to the server)
RETR – To retrieve a remote file from the server
QUIT – To terminate the connection to the server 

Between line 10 and 12, you will notice that the file was downloaded. To start the download, I had to open up another telnet window to open the data channel. To figure out to which IP address and port I had to connect to, we have to look at line number 9. We received a set of numbers (64,170,98,33,151,31) from the server in response to the PASV command. The first four related to the IP address 64.170.98.33 and the last two 151 and 31 help us identify which port to connect to.  Multiply the first by 256 and add it to the second. So, 151 * 256 + 31 which is equal to 38687.  Now that we have the IP address and port number, all we have to do is to open a second terminal and telnet to IP:Port as shown below:

C:\> telnet 64.170.98.33 38687 

This will now show you all the contents of the file ftpext-charter.txt being thrown into your second terminal window. Once this is done, you can proceed to type further commands on the control channel (the first terminal window).

Notes:
- The anonymous FTP server on IETF has a 60 second timeout on its control channel connection. Please connect to your own FTP servers they might be more forgiving to humans on terminals.
- FTP is not very secure as you can see the password and username are sent in plain text! Also, there is no encryption as you saw on file downloads or uploads.
- Type HELP once you send your password to see what commands you can issue the server.
- Here is a list of raw FTP commands and the parameters
- Here is a list of anonymous FTP servers
- This is the FTP sequence diagram which explains stuff at DNS and TCP level
- On windows there is a built in command line FTP tool (called ftp). It is useful but it does not show us how to use raw commands and communicate to an FTP server.
- SFTP (SSH File Transfer Protocol), FTPS (FTP over SSL) are more secure ways of using FTP.

ftp-commands2

The FTP HELP command via terminal

Hope this helps!

Tags: , ,

19 Comments

Skaldrom Y. Sarg
May 5, 2009 at 2:01 pm

Thanks for this post, reminding me of the times we had ONLY text based ftp clients (just a bit more comfortable than telnet). That was about 300 years ago :)


 
Mike
May 5, 2009 at 3:37 pm

Very informative article thanks a bunch for this. Do you know the reason we need to multiple the 2nd last number and add the last for PASV mode?


 
Player
May 5, 2009 at 3:54 pm

@Mike
64,170,98,33,151,31 are all octets(meaning group of eight). Eight bits have a maximum value of 255 and a minimum of 0. So if you multiply the octet 151 by 256 and add it to 31 you get the port.


 
Sadjow
May 6, 2009 at 1:37 pm

Thanks man!
Very Good!
Best Regards!


 
Nasir
Jan 23, 2010 at 2:02 pm

Great dude


 
Guitam
Feb 17, 2010 at 3:04 pm

Thanks for the details on your blog. This is great! Thank you!


 
AK
Feb 24, 2010 at 11:18 am

Good Information, Short and easy to understand


 
pradeep
Apr 26, 2010 at 12:21 pm

Whether the last two numbers changes every time when we enter into the passive mode…this thing is not working on mine laptop..tel me plz some suggestion


 
Paula Jones
Jun 8, 2010 at 6:17 am

Very helpful and so informative, many thanks.


 
Scott
Sep 10, 2010 at 9:22 pm

Tremendous help. Thank you it saved me a lot of time.


 
Shaks
Jan 5, 2011 at 1:03 am

Excellent exlpanation, exactly what i needed.

Thank you very much sir!


 
vavan
Feb 18, 2011 at 12:25 pm

Thank you, very useful, but how to upload file?


 
George Jordanov
Mar 16, 2011 at 6:35 pm

@vavan
A month later but hope help you… Uploading files can be done the same way as reading is shown above but instead of RETR command use STOR (and data channel is used to stream data to).
Thanks the author very helpful article.


 
John Sanabria
Mar 21, 2011 at 12:57 am

neat


 
Jason Murphy
May 4, 2011 at 7:02 pm

Hi,

I’m after some help with FTP RAW commands. I’ve written a FTP client in C++ using winsock. I’m fairly happy with the progress but before calling the STOR subcommand, I’d like to change the local directory. I can’t seem to find help on that anywhere. I’m looking for the FTP RAW equivalent of the LCD command.

Anyone?

Thanks for your help.

Regards, Jason


 
Franklin
May 12, 2011 at 7:54 am

Great, it worked perfectly on my blog


 
richard
Nov 17, 2011 at 1:53 pm

Great…. do you have one one on how to telnet from windows 7 using smtP?


 
Federico
Nov 17, 2011 at 8:24 pm

Very nice article, easy to start and complete. Thanks.


 
mastropiero90
Dec 2, 2011 at 6:30 am

HI!
First of all, THANKS!
I’m playing around to make my own php ftp client, and I require to understand (at least) the basics about raw FTP commands, and after googling for a while I couldn’t find something easy to diggest, but U have exceeded my expectations with this!
May sound a bit exaggerated.. anyway, it turns out that I am also interested in effective pedagogical methodologies. Piaget comes to my mind, because I see how you’ve realized what would other person need to understand, in order to form his own mental structure of how an FTP transfer is done.
Thanks again.
Best!


 

Reply

Copyright © 2012 PHP, Web and IT stuff All rights reserved. PHP Web development in London.