
flame
Hello all
i wanted to ask the pros if there is any way i can learn how to understand this
program and finally find a hole. or maybe there is already one
please answer - say your thoughts-
one more thing
can someone tell me why whenever i RPC someone and TFTP my Slave.exe
then run it - it doesn't do the job it needs to (open up incoming connections on port 4000)? it succeeded only once - and i think that's cuz it already had the same slave.exe before i came. anyway
does someone know a good RADMIN replacement that can be activated through RPC or TELNET?
email me or ICQ me
31809245
T3cHn0b0y
There's a Chinese program out there somewhere that can brute force an admin password via terminal services. Goes to show, yes it's possible unless the server blocks auth attempts from your IP after so many tries.

It's likely that you can't connect to your remote admin servers because the remote host is firewalled. Try killing the firewall. There's a batch file lying around here somewhere that will kill all the most popular AV and Firewall progs.
Ripper
here's that Chinese tutorial (a screen movie player):
http://www.chinesehack.org/down/show.asp?id=3720

by the way: it would be nice if someone can make a re-checker for Radmin, to get the IPs without a password from the whole list. (now i'm having 2 or 3 of 50 IPs without asking a password).

thanks anyway.
axl
sorry that i bounce the post but i need help...

i really need a program that tests radmin servers for blank or easy password...

i know that an app like that is out there-but i cant find it...

please help.. 10x !
Ripper
yep axl, me needs the same
ne1 who can help us with building a small program yes please ?
hellraiza
i'm also searching for such a pass brute force!!!

there is an sql bruter and i think someone could code this for radmin such without a username...
DaClueless
QUOTE (hellraiza @ Mar 15 2004, 06:54 PM)
i'm also searching for such a pass brute force!!!

there is an sql bruter and i think someone could code this for radmin such without a username...

use SQLLHF:

http://home.hccnet.nl/m3ssi4h.rul3z/


or: Scansql
http://uhhuh.myetang.com (Chinese)

One of the BEST MS SQL password checkers
[eXPhase
QUOTE (DaClueless @ Mar 15 2004, 07:07 PM)
QUOTE (hellraiza @ Mar 15 2004, 06:54 PM)
i'm also searching for such a pass brute force!!!

there is an sql bruter and i think someone could code this for radmin such without a username...

use SQLLHF:

http://home.hccnet.nl/m3ssi4h.rul3z/


or: Scansql
http://uhhuh.myetang.com (Chinese)

One of the BEST MS SQL password checkers

Yes but they are asking for the remote administrator brute forcer:)
zero-maitimax
well for radmin2.1 there is a brute force cracker. but for the rpc i don't know if it's possible..
hdlgp
"well for radmin2.1 there is a brute force cracker. but for the rpc i don't know if it's possible.. "



O_O

Where? xd
shite
you sure?

cuz a lot of ppl have searched only to come back empty handed
unless it was made RECENTLY.. then i donno
but there is a mirc addon for RAdmin that scans for IPs but all the versions are infected
and it uploads a bot
[eXPhase
QUOTE (hdlgp @ Mar 16 2004, 07:24 PM)
"well for radmin2.1 there is a brute force cracker. but for the rpc i don't know if it's possible.. "



O_O

Where? xd

I'd also like to know that. But I think that these kinds of scanners are private. Nobody shares them.
zero-maitimax
if i had it i would share it. but the dude that has it doesn't want to share it with me :@:@:@:@ . i'm very pissed off about it..

i didn't believe it but he cracked my radmin server :S ( i scanned if i have a trojan or something ) but even with a clean os he cracked my pass.. :s

Nitrax
hmm i need that scanner too

it's a shame he won't share

greetz
asd10
everybody wants it m8....
i guess we will need to wait....but it will come one day...i hope so...


AsD10
twistedps
i highly and i mean HIGHLY doubt there is one, i've heard a lot of talk, but no follow through on this. the keys are encrypted based upon another algorithm which wouldn't be possible to mimic... unless you have the radmin.exe program being run like however many times with a password for each time being run, but other than that i say it's nonexistent.
dfind does support blank (i believe, it may just be radmin servers in general), and i think that's as far as it's gonna get, because the hash being sent out is generated differently each time.

then again prove me wrong

i've done various research on the packets and data that's being sent, as well as analysis of the code in asm, yet haven't got anywhere with it, so search around the forums for more information.
tianzhen
QUOTE (Ripper @ Aug 22 2003, 06:10 AM)
here's that Chinese tutorial (a screen movie player):
http://www.chinesehack.org/down/show.asp?id=3720

by the way: it would be nice if someone can make a re-checker for Radmin, to get the IPs without a password from the whole list. (now i'm having 2 or 3 of 50 IPs without asking a password).

thanks anyway.

this link has nothing to do with the topic