DE ice level 1 questions

Viewing 5 reply threads
  • Author
    Posts
    • #4359
      LT72884
      Participant

      Ok i have started reading books. I own the CEH 6th edtion review guide. I have my virtual lab set up with bt3 and deice 1. I have found user name for interns remote login via ssh. Just not his password. This is where i could use the help. Im completly new at this. I just need to be lead the way a lil bit. Maybe hold my hand while i cross the street for the first time sorta thing. Then once im across. i will learn from there..

      Thanx

      Matt

    • #27577
      impelse
      Participant

      To crack the password of the users you need back track 2, back track 2 has a password list that you have to uncompress and use that for dictionary attack, others back tracks version does not have that password.

      Check the heorot.net forum for more information.

    • #27578
      Kev
      Participant

      The heorot.net forum has everything you need to walk through disk 1 including a complete walk through.  I recommend only going there after you have tried everything possible for at least a couple of weeks.  You wont learn much if you just look at the answers so try and resist the temptation.  You are on the right track so now focus on cracking passwords. Google everything you can on that subject. Also remember that some users take their own name and add a few things to it make a password so you might want to create a short password list of your own.

    • #27579
      Ketchup
      Participant

      There are a ton of wordlists all over the web.  Just Google “wordlist.”  

      LT, you have the username, now you need the password.   You can use a tool to brute-force / dict attack the SSH daemon.   You can also write your own tool using Perl and the Net::SSH::Perl library.   There are also a few SSH vulnerabilities, one particularly juicy one, that you can exploit.  A Google search will reveal these.  

      Take your time, Google, research, and really understand what you are trying to accomplish.  

    • #27580
      LT72884
      Participant

      LOL, awesome. thanx for the info. i plan on taking a few weeks for level 1

    • #27581
      impelse
      Participant

      You can try vulnerabilities but I am 100% that will not find any I spent 1 week testing differents vulnerabilities and I could not find any because the Idea of this live cd is teach how to find misconfigurations or low security practices like password that you can ahck using diccionaries attack.

Viewing 5 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?