Longcat
-
Posts
20 -
Joined
-
Last visited
Posts posted by Longcat
-
-
Well, if everything was legal, I say you call microsoft and your ISP and try to figure it all out.
-
Of course I am.. :)
-
AHA, I got it, THANKS FOR THE HELP EVERYONE!!
-
Ok, well, I've been googling around and found this...
http://www.derkeiler.com/Mailing-Lists/sec...2/msg00027.html
But I don't know this:
Obtain and place a copy of mstsc.exe and mstscax.dll version5.1.2600.2800 (you may be able to find it in an $NTUninstall under
%windir%) in the same directory as TSGrinder.
Can anyone help?
-
-D 1
I did this, and the same thing happens, the Terminal Client comes up, but no username is inputted, nor passwords are tried.. Is there something else I need?
-
As I've said in many other threads, my friend has a server set up so I can "practice" if you will. I want to try to crack a RDP password.. Anyone got any ideas?
I'm trying to use tsgrinder, but for some reason it is timing out.
I type
C:\tsgrinder>tsgrinder -w dict -l leet -u administrator xx.xxx.xx.xxx
Anyone see a problem?
EDIT: I believe it's a windows 2003 server.
-
Brute forcing a login is different to cracking passwords. Cracking passwords takes allot of CPU power and time, brute forcing passwords takes a decent size botnet and time to be done effectively.
I see, thanks Sparda.
-
You need to get the passwords first in order to crack them. Otherwise, yes, if you have a spare millennia or so.
So you're saying I need a list of the passwords, because open bruteforcing with upper and lowercase alpha + symbols would take infinite time..?
-
Ok, my friend has a server set up and has a forums that he wants me to test if I can crack the password of his account.
Is there any way I can do this in either XP or Backtrack 4?
-
UPDATE:
Ok, it seems even xhydra is borking out.
I added the password to the base password.lst in
/pentest/wireless/aircrack-ng/test/
Around the 30th line. I did the same thing in xhydra and it even ATTEMPTed it, but it scrapped it as a password and gave me three wrong passwords
-
mmm can u paste what hydra promt you when u lunch the last command ?
Ok, well, I did the command in xhydra, and I found that the passlist didn't have the password. I added it to my list (he gave it to me to see if it was user error) and I ran xhydra again, it found it, but the Console shell is still becoming confused and dropping 3-4 wrong passwords. haha.
I'll stick to xhydra then..
-
I can't say are you choose good -flags in this process... But if Hydra find password it have been showed in cmd promt... So if everything else is good, wordlist dont have right password.
Well, I am using Backtrack 4. Not windows, just to start off with.
Secondly. Yes, the passlist might not have the password, but I don't see why Hydra wouldn't try the first time and I also don't see how Hydra can output like 6-8 wrong passwords when I try a different "url" (https://xx.xxx.xx.xxx/svn/ or /)
-
A lot of things include the redist so its likely that it will already be installed.
This. Although, my computer just got it like 2 weeks ago. So some people might have it, others might not.
-
Ok, I'm back, with another question.
My friend has a SVN server. You can connect to it using https://xxx.xxxx.xxx.xx/
I asked if I can crack it and he set me up an account just to crack it. Here is what I have in my Hydra command line...
Hydra -l hackme -P /pentest/wireless/aircrack-ng/test/general.lst -e ns -t 10 -f -s -vV xx.xxx.xx.xxx https-get https://xx.xxx.xx.xxx/svn/ -o Output.txt
Then when I start the command, I just get this..
Hydra v5.4 (c) 2006...... [DATA] 10 tasks, 1 servers, 2293 login tries (1l:1/p:2293), ~229 tries per task [DATA] attacking service http-get on prot 443 [STATUS] 849.00 tries/min, 849 tries in 00:01h, 1444 todo in 00:02h [STATUS] 767.50 tries/min, 1535 tries in 00:02h, 758 todo in 00:01h [STATUS] 726.00 tries/min, 2178 tries in 00:03h, 115 todo in 00:01h [STATUS] attack finished for xx.xxx.xx.xxx (waiting for childs to finish) Hydra (http://www.thc.org) finished at 2009-10-11 15:16:48
And the output has nothing written into it. I also tried the command
Hydra -l hackme -P /pentest/wireless/aircrack-ng/test/general.lst -e ns -t 10 -f -s -vV xx.xxx.xx.xxx https-get / -o Output.txt
But it outputs a bunch of wrong passwords.
Any ideas?
-
Well, I did capture a handshake by using another computer and disconnecting-reconnecting.
I also know that the key length is 8 characters.
-
Has anyone got BT4 toinstall onto the eee 701 yet
Actually, I heard the 701 DOES support it, but i'm not 100% sure, I have my 900HA running it, but the resolution is different.
-
Ok, I am using a general wordlist for my router, My step-dad wont give me the wpa (I believe he is just too lazy to find the paper he printed it on or lost it...) key and my cat chewed through the ethernet cord I use on my laptop.
I use these commands in BT4.
airmon-ng start wlan0 airodump-ng mon0 airodump-ng -c 11 --bssid (BSSID) -w wpa mon0 and lastly aircrack-ng -w /pentest/wireless/aircrack-ng/test/general.lst -b (BSSID) *.cap
Then it goes through the 1.7 or 1.8 million words it has saved on the lst file.. It seems (idk all the way yet) that they are all not right, is there a way to get lower and uppercase alpha tables in there without taking a crapload of space? And even if I have the HUGE files, is there a way to use them in aircrack or something?
I will appreciate anyone's answers.
Longcat B)
-
These are also in Jack in the Box and Burger Kings on their monitors.. ;)
Knoppix status
-
I just came..
Maybe a stupid question...?
in Questions
Posted
Ok, this might be stupid, but I have a question. How would I connect to a network through the internet?
So, say I wanted to get on my friends network, without physically being there, and snoop? (This is an example, not really doing this, just a question I've been looking for an answer for..)
Or connecting to one PC across a network to "Pwn" it or something, any ways to do this?
Thanks, and all answers are welcome, even if they are funny jokewize types.