PDA

View Full Version : How Could I Make This Work?



yahoowizard
12-01-2007, 10:18 AM
OK, this guy I know had just unlawfully banned me from a forum I signed up recently, long story. It's a general IP ban, so I am able to still access the website through a proxy. Anyways, the username/password form allows unlimited tries and I wish to know whether there is any simple brute force cracker out there just to try multiple passes for one username?

Moonbat
12-01-2007, 02:12 PM
Well, I think there's a brute forcer called Form@ that works. You'd have to look it up though, I think it can be found on h4cky0u forums.

Oh and no, Form@ isn't a joke for format, it's the name of the program. I've never tried it, but I"ve heard others say it works.

yahoowizard
12-01-2007, 04:16 PM
Thanks a lot Moonbat, I found what I wanted

Moonbat
12-01-2007, 10:16 PM
No problem. Did it work?

yahoowizard
12-02-2007, 12:59 PM
The site gave me a lot of good resources for brute force, even though I was unable to find the one that you mentioned. Anyway, I am not sure how to use it . If It is a forum, is it FTP server hacking? And how do I get the IP that it asks for? I currently have no idea what I am doing but I have the programs to do it.

Finally, the h4cky0u.org forums was easy to use yesterday, but today when I use it, it gives me a 40* error...What do I need to do for this?

Moonbat
12-02-2007, 08:08 PM
Maybe h4cky0u forums are down, that's probably the reason you get errors.

Anyway, the IP can be gotten from here:

http://www.selfseo.com/find_ip_address_of_a_website.php

Follow the instructions on the page and you're set.

As for "FTP hacking" you'll need to try to connect to the site on port 2* using whatever program you're using.

Shadowdq
12-17-2007, 02:57 AM
As for "FTP hacking" you'll need to try to connect to the site on port 2* using whatever program you're using.

isnt it port 20? if not can you explain to me why?

Moonbat
12-17-2007, 08:37 PM
Well, I'm not an Internets expert, all I know is that anything related to the FTP is done on port 2*. I guess the IANA just chose 2* to be the port used for FTP.

Shadowdq
12-20-2007, 12:48 AM
i found it on Cisco.netacad.net


The File Transfer Protocol (FTP) provides an easy method to transfer files from one computer to another. A host running FTP client software can access an FTP server to perform various file management functions including file uploads and downloads.

The FTP server enables a client to exchange files between devices. It also enables clients to manage files remotely by sending file management commands such as delete or rename. To accomplish this, the FTP service uses two different ports to communicate between client and server.

Requests to begin an FTP session are sent to the server using destination port 2*. Once the session is opened, the server will change to port 20 to transfer the data files.

FTP client software is built into computer operating systems and into most web browsers. Stand-alone FTP clients offer many options in an easy-to-use GUI-based interface.

Moonbat
12-20-2007, 01:11 PM
Hm, I never knew that the actual files were sent over port 20. I learned something new today! :D

Shadowdq
12-20-2007, 08:32 PM
I knew there was something to do with port 20... i am in a Cisco Discovery class at my school so i knew i saw it somewhere

elite_chaos
12-24-2007, 10:06 PM
ftp goes through port 2* not 20 ?
where do u guys see files going through 20 ?

thanks

Moonbat
12-25-2007, 09:10 AM
According to most sources I've read, the FTP session is begun and ended through port 2*, and the actual files are sent over port 20. Google it up, you'll get the same thing.

coz
12-28-2007, 01:16 PM
Yes Moonbat is correct but I'll you need to know is to connect to port 2*. This will be about as useful as when you tried to brute force your way into someones forum account. Not to mention I'm sure your not using anything to hide your ip. Trust me all your connection attempts will be logged. Besides that your only hope is probably trying for something like an ftp bounce attack (very old and may not work) or metasploiting your way in. Unless your a spammer or just want to cloak your email you wont need the bounce attack. For the metasploit project you'll want nmap to detect what services, and versions they have running. Then search metasploit for the exploit. Good luck but I wouldn't try to hard. But from there what would you do? That require much more knowledge.