Go4Expert (http://www.go4expert.com/)
-   Ethical hacking (http://www.go4expert.com/forums/ethical-hacking-forum/)
-   -   Hacking ports (http://www.go4expert.com/forums/hacking-ports-t14793/)

kunals 26Oct2008 04:11

Hacking ports
Alright im trying to hack my school's website, ( i get points if i do it successfully)
i scanned the webserver ip and i found, ports 80 (http), 3389, 25 and 8081 open.

i know port 3389 is to remote access it and i have done that already, but
when i use the Remote Desktop connection thing, i get into the computer successfully, but it asks me to log into the computer, and i need to somehow brute force the password.
how can i do this?

Also what can i do with port 25 and 8081?

neo_vi 26Oct2008 13:29

Re: Hacking ports
bruteforcing is tough. use any other security weakness to login as a super user or root.

kunals 27Oct2008 02:48

Re: Hacking ports
well, idk if it has any weaknesses, because its simply a login
to get into a person's user account, cause everyone in the schools has their own
account. what u mean root?

SpOonWiZaRd 27Oct2008 19:56

Re: Hacking ports
Linux can crack RDP and VNC protocols, aswell as sniffing with Cain & Abel while using APR attack you can get the hash and then crack it, sniff between two or more computers, i.e a server and a few teachers while doing APR, get the hash and crack it. Read this: http://www.go4expert.com/showthread.php?t=14438 it might help, and read Cain's help file so that you know the tool inside and out: http://www.oxid.it

SpOonWiZaRd 27Oct2008 19:57

Re: Hacking ports
with cain you can get the NTLM hash, that is the password you want...

germanboy104 27Oct2008 21:29

Re: Hacking ports
yea.....if ur using a PC to acess the network, just boot it off UBUNTU or some other free OS.
u can get the admin and use it 2 log on

kunals 28Oct2008 03:58

Re: Hacking ports
wait guys, when i remote access the computer, i just seem a log in page, so im not able to
log into anything! i don't have access to a user account. all i have access to is a login screen.

SpOonWiZaRd 28Oct2008 15:34

Re: Hacking ports
Read my previous post... Do that

germanboy104 28Oct2008 17:44

Re: Hacking ports
yea but.....maybe a stupid question.....he doesnt have a username to access the account
what if the username isnt standard? (ie Administrator)
but use that linux hack fo sho

SpOonWiZaRd 28Oct2008 18:48

Re: Hacking ports
Cain & Able has a Users enumerator to see the names of all the user accounts, thus he knows the user account he only needs the password hash so that he can crack the hash. The hash will be NTLM, to boot up from a cd he will need to be in physical contact with the target computer thus not making it a remote attack. He has to do it remotely as I understood. Enumerate the users using Cain & Abel, then get the hash, crack it using Cain & Abel and there you go. You can even Export the hash and take it home to crack it on your own time. To sniff the hash you will need to read the Help file on Cain & Abel, the manual is in there describing all the program features and uses.

All times are GMT +5.5. The time now is 10:32.