Not the most exploitable protocol though but look if it has anonymous guest login enabled that's kind of vulnerability exploiters can use that and install some backdoor in it or something like that so be careful about that. We can use that like this and use usrename and password as anonymous and then use the shell there.

ftp <target ip> 
Username : Anonymous
Password : Anonymous


To get files in ftp its just

get <filename>

But lets say if you are in a folder and wanna get all the files without any prompts or anything

prompt off
mget *

and this will transfer all the files from the directory

Also to see hidden directories

ls -lah