# 69/UDP TFTP/Bittorrent-tracker
{% hint style="success" %}
Learn & practice AWS Hacking:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\
Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Support HackTricks
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
{% endhint %}
{% embed url="" %}
## Basic Information
**Trivial File Transfer Protocol (TFTP)** is a straightforward protocol used on **UDP port 69** that allows file transfers without needing authentication. Highlighted in **RFC 1350**, its simplicity means it lacks key security features, leading to limited use on the public Internet. However, **TFTP** is extensively utilized within large internal networks for distributing **configuration files** and **ROM images** to devices such as **VoIP handsets**, thanks to its efficiency in these specific scenarios.
**TODO**: Provide information about what is a Bittorrent-tracker (Shodan identifies this port with that name). If you have more info about this let us know for example in the [**HackTricks telegram group**](https://t.me/peass) (or in a github issue in [PEASS](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite)).
**Default Port:** 69/UDP
```
PORT STATE SERVICE REASON
69/udp open tftp script-set
```
## Enumeration
TFTP doesn't provide directory listing so the script `tftp-enum` from `nmap` will try to brute-force default paths.
```bash
nmap -n -Pn -sU -p69 -sV --script tftp-enum
```
### Download/Upload
You can use Metasploit or Python to check if you can download/upload files:
```bash
msf5> auxiliary/admin/tftp/tftp_transfer_util
```
```bash
import tftpy
client = tftpy.TftpClient(, )
client.download("filename in server", "/tmp/filename", timeout=5)
client.upload("filename to upload", "/local/path/file", timeout=5)
```
### Shodan
* `port:69`
{% embed url="" %}
{% hint style="success" %}
Learn & practice AWS Hacking:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\
Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Support HackTricks
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://angelica.gitbook.io/hacktricks/network-services-pentesting/69-udp-tftp.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
