# 69 - UDP TFTP

{{#include ../banners/hacktricks-training.md}}

## Basic Information

**Trivial File Transfer Protocol (TFTP)** is a straightforward protocol used on **UDP port 69** that allows file transfers without needing authentication. Highlighted in **RFC 1350**, its simplicity means it lacks key security features, leading to limited use on the public Internet. However, **TFTP** is extensively utilized within large internal networks for distributing **configuration files** and **ROM images** to devices such as **VoIP handsets**, thanks to its efficiency in these specific scenarios.

**TODO**: Provide information about what is a Bittorrent-tracker (Shodan identifies this port with that name). If you have more info about this let us know for example in the [**HackTricks telegram group**](https://t.me/peass) (or in a github issue in [PEASS](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite)).

**Default Port:** 69/UDP

```
PORT   STATE SERVICE REASON
69/udp open  tftp    script-set
```

## Enumeration

TFTP doesn't provide directory listing so the script `tftp-enum` from `nmap` will try to brute-force default paths.

```bash
nmap -n -Pn -sU -p69 -sV --script tftp-enum <IP>
```

### Download/Upload

You can use Metasploit or Python to check if you can download/upload files:

```bash
msf5> auxiliary/admin/tftp/tftp_transfer_util
```

```bash
import tftpy
client = tftpy.TftpClient(<ip>, <port>)
client.download("filename in server", "/tmp/filename", timeout=5)
client.upload("filename to upload", "/local/path/file", timeout=5)
```

### Shodan

- `port:69`


{{#include ../banners/hacktricks-training.md}}