Wednesday, 30 December 2009

The Cracking part

Sometimes you'll find FTP servers which you really want to have access to. But... there is a password on them. I hear you screaming: 'Oh, no!!!'. Well, actually this isn't that big a problem. You just have to work a little bit harder for your files.
We can always crack ourselves a way into those servers. But REMEMBER!!! This is ILLEGAL!!! But I'll just imagine you guys always follow the rules, will never ever try this out for real, and are just reading this because you've got nothing else to do.

So what am I gonna teach you in this post? Well...
  • Running a simple wordlist made by me, just for checking
  • Looking for vulnerabilities and using exploits
  • Using wordlists
  • Bruteforcing (I do not recommend this)

RUNNING A WORDLIST
First off, we're gonna try a simple wordlist just to check whether the site set a simple, easy-to-guess password for the server. Cuz why should we try a full dictionary when the password is just ftp, which is of course in my password list?
Trying words from a list in the password field is called a dictionary attack. We could of course try all the passwords by hand, but this would cost too much time and physical activity. Instead we use software. You might want to try out the following apps:

Windows
-Hydra
-Brutus
Linux
-XSCAN 2.3
-Hydra

So now, depending on the software, you choose dictionary attack and select a wordlist. And if your bruteforcer lets you select a userlist, just choose the passlist for that as well. The list isn't that long and all the usernames are included in it, so... Now press run and there you go!

Now where can you get this passlist then?
Here it is. Just copy the text into your text editor and save it as passlist.txt.

passlist.txt
---------------------------------------------------
admin
guest
anonymous
ftp
FTP
ADMIN
ADMINISTRATOR
ROOT
root
r00t
GUEST
000
0000
password
blanc
blank
_blanc
_blank
pass
pas
user
test
test1
test2
test3
test
test4
ren
iown
god
hack
hackme
youdontknow
music
mp3
mp4
movies
download
downloadftp
avi
films
film
movie
cinema
server
ftp-server
ftpserver
net
netwroking
networking
hack
hacker
clear
cls
owner
---------------------------------------------------------------------------

Now of course you can also make one yourself or search for wordlists, such as dictionaries. Just go to Google and type in ext:txt dictionary and you get some wordlists. You can of course also look in web pages themselves. Now, we're not gonna try out every wordlist we can find, right? We should search depending on the target. If it is an FTP server for friends with a mostly easy-to-guess password, use mine, but if it is an FTP server about games, search for a list of games or game characters. When the server is about movies, search for lists which consist of movies. I could go on for years.
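Seen from the server side, a dictionary run like the one above shows up as a burst of failed logins from one client, cycling through names such as those in passlist.txt. The following is an added example, not part of the original post: a small detector over FTP login log lines. The log line layout, the thresholds and the sample lines are constructed for illustration (assumptions); adapt the regex to the format your server really writes.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log layout (hypothetical, adapt to your server):
#   <ISO timestamp> <client ip> USER=<name> <OK|FAIL>
LINE_RE = re.compile(r"^(\S+) (\S+) USER=(\S*) (OK|FAIL)$")

def detect_dictionary_attacks(lines, max_fails=5, window=timedelta(seconds=60)):
    """Return {ip: alert} for clients with >= max_fails failures inside window.
    Lines must be in chronological order. Each alert lists the usernames tried
    and the first account that logged in successfully after the alert fired."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in window
    names = defaultdict(set)      # ip -> every username seen in a failure
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # skip lines in any other format
        ts, ip, user, result = m.groups()
        ts = datetime.fromisoformat(ts)
        if result == "FAIL":
            q = recent[ip]
            q.append(ts)
            names[ip].add(user)
            while ts - q[0] > window:   # forget failures older than the window
                q.popleft()
            if len(q) >= max_fails and ip not in alerts:
                alerts[ip] = {"first_alert": ts, "users": names[ip],
                              "success_after": None}
        elif ip in alerts and alerts[ip]["success_after"] is None:
            alerts[ip]["success_after"] = user  # a guess worked: reset this account
    return alerts

# Constructed sample log (documentation IP ranges, usernames from passlist.txt).
SAMPLE = """\
2009-12-30T12:00:01 203.0.113.5 USER=admin FAIL
2009-12-30T12:00:02 203.0.113.5 USER=guest FAIL
2009-12-30T12:00:03 198.51.100.7 USER=alice FAIL
2009-12-30T12:00:04 203.0.113.5 USER=anonymous FAIL
2009-12-30T12:00:05 203.0.113.5 USER=ftp FAIL
2009-12-30T12:00:06 203.0.113.5 USER=root FAIL
2009-12-30T12:00:09 198.51.100.7 USER=alice OK
2009-12-30T12:00:10 203.0.113.5 USER=test FAIL
2009-12-30T12:00:12 203.0.113.5 USER=test OK
""".splitlines()

if __name__ == "__main__":
    print(detect_dictionary_attacks(SAMPLE))
```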

Another thing to do is using an exploit. To use an exploit you first have to know which service or software is running on the FTP server. To do this we can scan the target with Nmap. We know the FTP port usually is 21, so we scan ports 1 through 100. We do this by typing in nmap -p1-100 targetsip. But now we don't have the service, so we just type in nmap targetsip.
You should now get a list of ports and the services running on them. For example:
21 FTP ProFTPd *.*.*.
What we could also do is read the header message we get when we connect to the FTP server with the built-in FTP software on UNIX and Windows computers. Go to the command prompt and type in 'ftp target'. You now get an FTP header message, for example:
welcome to ProFTPd *.*.*. 1 of 21 allowed blabla.
We now know that we are dealing with ProFTPd, and we know the version number.
Now we go to our best friend Google and type the service (ProFTPd) and the version number and exploit. So ProFTPd *.*.* exploit. Now you should get some exploits ready. Look for remote exploits which means 

Please contact me when you have questions about the subjects discussed. My email is raseac.mi.a@gmail.com.