In this way, I can download any number of files from the remote server to my local machine. In the same way, I enter into another directory of interest to me “Images” and download the only image present in it to my desktop. It contains some usernames and passwords. Let’s see the contents of the users.txt file just downloaded. Since I had set my local directory to desktop it will be downloaded to Desktop. I decide to download the file users.txt to my machine using the command get users.txt. There is one text file named users.txt in the directory. I go to the users directory using command cd users and then list the files in the directory by using command ls. There are four directories in the FTP server:Detroit, Images:lena and users. Then I use DIR command to list the directories in the FTP server. Once I am into the remote machine I try some FTP commands but before that I change my local directory to Desktop.
I successfully logged into the FTP server. Then I try to log into the FTP server of the remote machine using CMD with the authentication result achieved above. Then after starting the cracker, Brutus runs and gives one positive authentication result. Then I select the file pass.txt containing some common passwords and just hope to crack the password. I choose type as FTP since I am about to crack a FTP server. Brutus comes with a built in username(users.txt) and password list(pass.txt).As the victim machine is running Windows XP which comes with a default administrator account, I decide to add “administrator” to the users.txt file. I decide to choose dictionary attack since it is faster than brute forcing. Brutus has both dictionary and brute force attack options. I decide to use Brutus to crack the remote FTP password. The scan also shows that the victim machine which is LIVE is running a ftp server and its operating system is Windows XP.
After performing the scan, the results show that only one system 10.10.10.3 is alive. In the target option, I specify IP address as 10.10.10.2-10 and I choose profile as intense scan to get maximum information about the target. I decide to scan the following range of ip addresses to look for any live hosts. The ip address of my system happens to be 10.10.10.1. Imagine I am the script kiddie, I first find out my own computer’s ip address by typing the command “ipconfig” in the command line. As you will see, Zenmap is used for scanning for any open ports of live machines and Brutus is a password cracker. In this scenario, script kiddie is using a Windows XP machine and two tools Zenmap and Brutus available for free to download. For the newbies, script kiddie is a person with little knowledge of hacking or any programming languages and instead searches for automatic tools to hack the computers. Hi everybody, today I’m gonna show you remote password cracking with Brutus.
0 kommentar(er)
