Enumeration

Port Scan 

# Nmap 7.80 scan initiated Sun Mar 21 22:09:16 2021 as: nmap -sV -sC -oA nmap/output watcher.thm
Nmap scan report for watcher.thm (10.10.90.140)
Host is up (0.081s latency).
Not shown: 997 closed ports
PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 3.0.3
22/tcp open  ssh     OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   2048 e1:80:ec:1f:26:9e:32:eb:27:3f:26:ac:d2:37:ba:96 (RSA)
|   256 36:ff:70:11:05:8e:d4:50:7a:29:91:58:75:ac:2e:76 (ECDSA)
|_  256 48:d2:3e:45:da:0c:f0:f6:65:4e:f9:78:97:37:aa:8a (ED25519)
80/tcp open  http    Apache httpd 2.4.29 ((Ubuntu))
|_http-generator: Jekyll v4.1.1
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Corkplacemats
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sun Mar 21 22:09:32 2021 -- 1 IP address (1 host up) scanned in 16.18 seconds

Flag 1

Content of robots.txt

User-agent: *
Allow: /flag_1.txt
Allow: /secret_file_do_not_read.txt

b2cd9858ea531eae706ce32804a66448.png

Flag 2

cad9f641a9ac90872dd747260ceefeb4.png

Base64 decoded string:

Hi Mat,

The credentials for the FTP server are below. I've set the files to be saved to /home/ftpuser/ftp/files.

Will

----------
ftpuser:givemefiles777

d9c43120f05225e6a5499214555fd139.png