Jump to content

white hat hacking help.


bommaboy2789
 Share

Recommended Posts

My mate at skewl has recently acquired a website and hes lookin for me to try 'nd do some white hat hacking, to test its security.

I figured my first attempt would be a usual blunt force trauma styled hackin, aka brute force.

dose anyone here no of a good ftp username and pass word brute forcer?

and if you guys have any tips on hacking him please don't heasitate to post em.

p.S i am not jokin he has asked me to hack him so don't lock this please.

Link to comment
Share on other sites

The best kind of attack on things like that are social engineering attacks.

Try and send a email to him asking him to confirming his email username and password. If you want to go to the effort, get some one to call him (who he doesn't know) claiming to be from his host and do the same.

Link to comment
Share on other sites

My mate at skewl has recently acquired a website and hes lookin for me to try 'nd do some white hat hacking, to test its security.

I figured my first attempt would be a usual blunt force trauma styled hackin, aka brute force.

dose anyone here no of a good ftp username and pass word brute forcer?

and if you guys have any tips on hacking him please don't heasitate to post em.

p.S i am not jokin he has asked me to hack him so don't lock this please.

Oh wow... no... just no.

Knowing you, your not doing this for your "white hat" reasons, if I recall correctly you tried to pull this last time.

Do I have any tips on hacking him... hmm let me think, you give almost no information other than its a "website", so no.

Link to comment
Share on other sites

[me=SomeoneE1se]laughs[/me]

silly n00b blunt force trama style attacks are for 1337 h4x0rz

And users who carry tire irons and louisville slugger's in their trunk just in case they run into said n00bs.

Link to comment
Share on other sites

If you want to brute force a FTP server (i have no idea why you would ever want to, as its  a very ineffective method).  And most FTP servers will ban you if you attempt more then 4 logons, so you'd have to get a mess of proxies, but anyway if you REALLY want to,  use brutus (win32), or hydra(win32/linux) they support wordlists as well. Again, this kind of situation calls for more a SE attack, or access his physical system and try to dump some saved passwords, because people often use the same password in more then one place.

"White Hat" ? Yeh ok.

Link to comment
Share on other sites

just beat your friend up until he gives you the password.

brute forcing a ftp server is extremely slow and and many ftp servers have a timeout or a ban after a certain amount of failed logins which could make your brute forcing  take years and you still wont be any closer to cracking the username and password, especially  if you don't even know the username of the ftp login, so your brute forcing both the username and the password which will exponentially increase the time it takes

Link to comment
Share on other sites

  • 2 weeks later...
The best kind of attack on things like that are social engineering attacks.

Try and send a email to him asking him to confirming his email username and password. If you want to go to the effort, get some one to call him (who he doesn't know) claiming to be from his host and do the same.

Are there any websites/ tutorials for this?

Thanks.

Link to comment
Share on other sites

I know that it would be easy.  I was just wondering if there was some known tactics.  I'll just use my imagination.

Search the forums. There were some threads about where to start when learning about hacking, etc. They cover social engineering and such basic fundamentals. Also, as anyone will probably tell you, read, read, and then read some more. Not that I have a pie chart on me or anything but I would say 90% of hacking is knowledge and research and the other 10% is execution. Tinkering, trial and error. Search google and wikipedia, read tutorials and watch any videos you can get yoru hands on, but nothing will teach you more than just experimentation and trying things on your own to see what works.

Link to comment
Share on other sites

Search the forums. There were some threads about where to start when learning about hacking, etc. They cover social engineering and such basic fundamentals. Also, as anyone will probably tell you, read, read, and then read some more. Not that I have a pie chart on me or anything but I would say 90% of hacking is knowledge and research and the other 10% is execution. Tinkering, trial and error. Search google and wikipedia, read tutorials and watch any videos you can get yoru hands on, but nothing will teach you more than just experimentation and trying things on your own to see what works.

Thank you very much digip!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...