
Really innocent? A peek at Serv-U password cracking

2009-02-26 | Anonymous | www.myhack58.com

These days, getting a WebShell during an intrusion is easy, and it became even easier once WHOIS techniques were disclosed. Sometimes the target server is not locked down very strictly, and we can type a hard-drive path directly to gain access to its files. With the Blue Screen ASP trojan, for example, no files are shown whichever drive letter we click, but when we type a path such as C:\Progra~1 directly into the browse box, we can often view the directories and files inside. We cannot modify anything, but we do have permission to read, and what we look at most is the ServUDaemon.ini file in the Serv-U folder. From it we can learn the physical path of the other party's site, and sometimes entering that physical path directly in the ASP trojan's browse box gives access to the folder we want.

This technique used to be very popular, but now that the method has been overused it often no longer works. So do we just give up? Of course not. We can still take the encrypted passwords from the file and try to crack them. With good luck a few passwords can be recovered. Or, if you have a serious grudge against the site and must get into it no matter what, leave the machine running against its password, and one day it will come out.

Enough chatter; on to the main topic. I have found and collected three tools online that specialize in cracking Serv-U passwords. One is written as a script and runs too slowly, so it is not covered here. Of the other two, one was written by Wind Blue and the other by Dumb. The difference between them is that the former relies on a large dictionary file; in my own tests it runs until it finds the matching password, so if you habitually collect dictionaries, now is the best time to use them. The latter is also a brute-force tool; its principle is exhaustive search.

Let's look at Wind Blue's tool first. Fill in the password ciphertext you obtained; a good dictionary is the most critical part. Select the thread count according to your machine's configuration. If the dictionary contains the corresponding password, you will get it quickly. I used kuD8B707746AEFF0B2E5AA674DC43EAF07 to test it, and the lower right of the software showed the recovered password, 123456. It is easy to use; the only downside is that it needs large dictionaries.

Next, MD5CRACK. It is currently the fastest MD5 cracking software available online. We will not say much about its MD5 cracking here and will mainly cover its newest feature, cracking Serv-U ciphertext. What follows are some principles written up by experts online; understanding the principle before cracking is what we should aim for. The Serv-U encryption algorithm:

Step one: randomly generate two characters, preferably lowercase letters.
Step two: prepend the string from step one to the password and compute the MD5 of the result.
Step three: join the two characters from step one with the uppercase MD5 encoding produced in step two.

For example, suppose the password is PASSWORD and the two randomly generated letters are aa. Joined together they give aaPASSWORD. Running aaPASSWORD through MD5 gives B1560E2A738B10F02E930D6CBDDB1626, and what is finally stored in ServUDaemon.ini is aaB1560E2A738B10F02E930D6CBDDB1626.

The cracking steps are generally as follows: delete the first two characters of the encrypted value, then configure the template dictionary plug-in and select the thread count. The author has also described the plug-in configuration very well, so it is not repeated here. Below we again use kuD8B707746AEFF0B2E5AA674DC43EAF07 as the example:

Step one: remove the first two characters, ku, leaving D8B707746AEFF0B2E5AA674DC43EAF07. Enter this encrypted password in the single-ciphertext box; the software reports that the password is valid.
Step two: under the plug-in option at the bottom of the software, select the template dictionary plug-in from the list and choose Settings.
Step three: this is the most crucial step; how well the conditions are set directly affects whether the crack succeeds and how long it takes. Because the password above was one I set myself, I know the original is 6 characters long and purely numeric, so in the plug-in configuration we just fill in: a[k][u]6{0-9}. This means the digits 0-9 form the dictionary and all of their six-character permutations and combinations are tried exhaustively to check for the correct password. Set 50 threads and start cracking. After clicking Start, the result came out in less than 30 seconds.

Next we crack a letters-only password, here a 5-letter one. The ciphertext is za83C06C9AD418439EF5FEF43C85ED40f2. Following the earlier steps, remove the first two characters; the dictionary template is [z][a]5{a-z}, with 50 threads. It took 1 minute 4 seconds to crack.

If your machine is powerful enough, you can open 100 threads or even more. Other dictionary configurations, such as letters plus digits or letters plus symbols, work on basically the same principle and were not tested here.
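To show why values stored this way fall so quickly, the sketch below (an added example, not code from the article, from the tools it mentions, or from Serv-U) implements the three-step storage scheme described above, flags entries in that format in a config file, and counts the candidates covered by the two templates used. The `[USER=...]` / `Password=` layout of the sample and all function names are assumptions for illustration.

```python
import hashlib
import hmac
import re

# Stored form from the article: 2 salt characters + uppercase hex MD5(salt + password).
LEGACY_RE = re.compile(r"^([a-z]{2})([0-9A-Fa-f]{32})$")

def servu_encode(password, salt):
    """Build the stored value the way the article's three steps describe."""
    digest = hashlib.md5((salt + password).encode("utf-8")).hexdigest().upper()
    return salt + digest

def servu_verify(stored, candidate):
    """Check one login attempt against a stored value, as the server must."""
    m = LEGACY_RE.match(stored)
    if not m:
        return False
    expected = m.group(1) + m.group(2).upper()
    return hmac.compare_digest(servu_encode(candidate, m.group(1)), expected)

def keyspace(alphabet_size, length):
    """Number of candidates an exhaustive search has to cover."""
    return alphabet_size ** length

def audit_ini(text):
    """Return the section name of every Password= entry stored in this format."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif line.lower().startswith("password="):
            if LEGACY_RE.match(line.split("=", 1)[1].strip()):
                findings.append(section)
    return findings

# Constructed sample; the section and key layout is an assumption for illustration.
SAMPLE_INI = "\n".join([
    "[USER=alice|1]",
    "Password=" + servu_encode("123456", "ku"),
    "[USER=bob|1]",
    "Password=",
])

if __name__ == "__main__":
    print("entries in salted-MD5 form:", audit_ini(SAMPLE_INI))
    print("6 digits:", keyspace(10, 6), "| 5 lowercase letters:", keyspace(26, 5))
```

The salt is stored in the clear next to a single fast MD5, so the only real protection is the size of the password's keyspace: one million candidates for six digits and about 11.9 million for five lowercase letters, which matches the short run times reported above. Any account that `audit_ini` flags should be treated as exposed to anyone who can read the file.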

How was it? Did you get something out of reading this? Brute forcing is looked down on, but sometimes it still plays no small role. Hurry back to your earlier WebShells; perhaps a site you could not take before is now within reach!