bAcKbOnE
Nov 9 2003, 06:23 AM
hey mates, I´ve scanned some networks and found some running ftp server, so now I want the admin axx of the ftp server, with which Tool can I bruteforce it - does it work ?
atomix
Nov 9 2003, 12:24 PM
honestly if i were you, id take "cracking" as a last resort to breaking into a remote server. try finding out the service banners and the OS of the peoples servers and see if theyre vulnerable to any exploits or advisories you could look into. if that doesnt work out, THEN go to cracking. chances of cracking are lower than the chances of getting in with a security hole.
Blackknight
Nov 9 2003, 01:21 PM
most ftps servers are now set up to block ips that try multiple attempts of passwords and their are no effective ways other then vulnrabilites.. you could always hack the actual server and read the password list for the ftp
and crack it locally
Hardcore
Nov 29 2003, 08:18 AM
If you REALLY want to try some Dictionary attempts at FTP....use XSCAN 2.3...
www.xfocus.org...
Pretty good tool for all sorts of stuff.
-Hardcore
akis
Dec 8 2003, 09:09 PM
if you are gonna bruteforce the ftp....
1)write down any info of the system you can find.if its a web site make a dictionary of the website!
2)try to search for common user names and passwords on the internet.a good dictionary should do the job!
3)finally find a good brute force tool...brutus is a well knowed tool!very good as i remember you can use a proxy too
good luck
Tx_
Dec 17 2003, 01:58 PM
yeah
Tx_
Dec 17 2003, 01:59 PM
....
Tx_
Dec 17 2003, 02:13 PM
brutce
PuPPaFiSH
Dec 17 2003, 04:51 PM
If your using linux you could always use a kewl proggy called Hydra by THC
u533m3n0t
Dec 29 2003, 03:28 PM
I know a little about the web based info gathering, and accessing, and have heard the term "Brute forcing," but no one has ever explained exactly what that technique physically involves. I can't post a topic yet, but would be very appreciative of any clarification anyone may be able to offer me on this.
Feanor
Dec 29 2003, 05:58 PM
| QUOTE (Blackknight @ Nov 9 2003, 01:21 PM) |
most ftps servers are now set up to block ips that try multiple attempts of passwords and their are no effective ways other then vulnrabilites.. you could always hack the actual server and read the password list for the ftp  and crack it locally |
there is a theoretical way to overcome this problem, dunno if it ever works, and with which program can u use it.
The point is that after there is a succsessful login, the number of failed logins is reset, SO, what you do, is after trying one false password, you log on as a guest, or any logon you already have. And so you can get all the passwords you need, without getting a ban.
But again, better find a vulnerability, and get axxs to that server without brute forcing- it will take far less time.
And even better- scan for some vulnerability from the beggining.
VorteX
Dec 30 2003, 12:23 AM
grab the banner of the ftp program and see for some exploit out there, much more efficient and unnoticed
ara2
Jan 6 2004, 10:35 PM
| QUOTE |
| I know a little about the web based info gathering, and accessing, and have heard the term "Brute forcing," but no one has ever explained exactly what that technique physically involves. |
web based info gathering would be requesting the computers webserver, to see what OS is running on it.
brute force is trying every password possible, either from a dictionary list, or all possible combinations. a then b then c, envtually aa, ab, ac, and so on.
headbanger
Jan 6 2004, 10:46 PM
i would suggest x-scan for this
there are a million ways to bruteforce into ftp, but i dont do this.. just try going to google and search bruteforce ftp or something in the sort
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
