How to crack things like FTP/SSH/POP3 etc. Well, here is a quick way todo this for all you Windows users out there, provided you have a decentsized password dictionary. I personally use one of about 3.16GB insize, but for this tutorial I'm only going to use a small passwordlist, just so you get the feel of it.
First step, download hydra from HERE.
If u want to use THC-Hydra thn you must also download Cgywin.
(For Windows users : Download both n install Cgywin n thn compile THC-Hydra from Cgywin)
Download the zip file,extract it, and make sure you see the files below.
Ifyou do, that's good. Go to Start - Run - cmd to open the commandprompt.
Then change to your hydra folder using the “cd” command.
Forexample my hydra folder was on the desktop, so I did this with "cd desktop" (by default CMD will place you in users home dir).
Nowthat you've done this, it's time to execute Hydra for the first time!Sorry Windows fans, but there is only a GUI for Hydra for Linuxsystems, you you're gonna have to do it the old fashioned way. Neverthought you'd see that happen did ya? Just type “hydra.exe” without quotes, and watch the result
Next, we will do a quick scan to think of some IP's to attack. I would advise Nmap. You can download it from here : NMAP 5.00 or NMAP 5-10 BETA.
Install it. Find outyour IP address, so that you know a possible IP range. In the commandprompt sessions, type “ipconfig” and watch the results.
For example, in my case, the range is at least 10.1.1.1-4, but I'll go from 1 to 10just to be safe. Fire up Nmap and do a ping scan “nmap -sP 10.1.1.1-10”to see what hosts are alive, and wait for the results.
Picka host to port scan – I picked 10.1.1.1 because it is a router, and formost people the password is generally pretty simple, if not default.Port scan it using something like “nmap -sS -sV -P 0 -T5 -O 10.1.1.1”and see if it's running any services (click on the “Ports/Hosts” tab atthe end for a simpler view of the services running and their ports)
I'll be attacking the Telnet port because Iknow that it works, because I know you guys think Telnet is the be-alland end-all of hacking, and because the Windows version of THC-Hydraisn't compiled with LIBSSH support (unless you did it yourself), and assuch I can't attack SSH – otherwise I'd be doing that instead. It's somuch better. Head back to your command session, and review the outputfrom Hydra before; it tells you the services it can crack. Afterlooking through it, and realising that Telnet definitely is there, wecan now proceed to attack it with the command “hydra -l admin -Ppasslist.txt 10.1.1.1 telnet”.
Anexplanation of the command: -l admin was used because I assumed thatthe router would have the login of “admin”. You can use username listsas well if you wish. -P passlist.txt specified a password dictionarynamed “passlist.txt” - make sure to have the -P include the capital P,otherwise you'll be specifying a password to try. 10.1.1.1 is therouters IP address, and telnet is the protocol we want to attack. Nowobviously we could tell it to attack that protocol on a different port,but we won't bother with that right now unless anyone else wants to seehow. My dictionary only included 4 words for the purpose of thistutorial.
N now, you can get the cracked password....
Official README file.
Thanks.....
1 comments:
hey there and thanks to your information ? I've certainly picked up anything new from right here. I did however expertise a few technical points using this web site, since I skilled to reload the web site many times prior to I may just get it to load correctly. I were brooding about in case your hosting is OK? Now not that I'm
complaining, however sluggish loading cases occasions will
sometimes impact your placement in google and could injury your quality rating if advertising and marketing with Adwords.
Well I'm adding this RSS to my e-mail and can look out for a lot more of your respective exciting content. Ensure that you update this once more very soon..
Also visit my web site ... free download windows 8 ultimate
Post a Comment