Pen test

Hello, Im gonna penetration test my friends website but i got some problems with it.. Hes got an ftp server on the computer where he hosts hes site which means hes port 21 is open.. I tryed to telnet him with putty but nothing worked.. I tryed rlogin, SSH etc on different ports such as 21 which is the ftp port, what am i doing wrong? I also tryed port 80 which is http port. Please help me! Also come with tips, ty

Ok ;D Then ill PM someone :P

I would port scan him first, figure out what is open, then use to corresponding program to connect. Might I suggest SmartFTP for your ftp connect. Its what I use. Or if you are using windows, instead of opening telnet, just type ftp and use that to connect.

Does any1 know a good ftp bruteforcer?

I know that answer would come, well yea its the best way but im new to programming and im in need of one. :/

Is he hosting it from his own computer?

If NO! Do NOT DO ANYTHING TO THE SERVER. Any hosting company in their right mind would interpret this as a malicious act, and there is nothing you could say to convince them otherwise.

If YES! He's likely using Windows, so he most likely won't be using Rlogin or SSH. Find out what version of what FTP daemon he's using and go from there. Connect using clients with protocols that MATCHED THE SERVER! Don't use Telnet for FTP, Don't use Telnet for HTTP, and Don't use Telnet for SSH. Don't use Putty for most of these either, just telnet/ssh. What good could come of telneting to HTTP? All you see is HTTP protocol, the same stuff your browser sees.

Don't brute force. In short, it DOESN'T WORK.

If he's asking you to pentest the SITE, pentest the SITE. Not the server.