
Bypassing ftp password


maksimu

Newbie

Posts: 3

Joined: Tue Sep 11, 2007 11:13 am

Post Tue Sep 11, 2007 11:39 am

Bypassing ftp password

Hi, I'm new to hacking. Actually I'm not a hacker, I'm just taking a security course in college and the professor told us "If we can hack his server and gain root access and add a user then we'll get an A in that class and don't have to show up anymore". :-\

So, can anybody help me figure out how to do that or just give me some suggestions about that?

I used Nmap to scan his IP and only FTP, SSH and HTTP ports are open.

So I was thinking of getting that access through FTP. How can I do that?

Here is the professor's IP: <modified>
Last edited by maksimu on Tue Sep 11, 2007 1:26 pm, edited 1 time in total.

don

Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Sep 11, 2007 1:30 pm

Re: Bypassing ftp password

The IP address you posted is public. Probably not a good idea to post that, especially if it has been purposely left open for your class to get in. So hope you don't mind that I removed it.

Speaking of which, try putting http://<removed ip address> in your browser and see what comes up. This will give you a clue on how to proceed.

Other than that, it wouldn't be fair if we got your A for you, now would it?  ;)

Don
CISSP, MCSE, CSTA, Security+ SME

Negrita

Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Tue Sep 11, 2007 2:22 pm

Re: Bypassing ftp password

Hmmm... telnet can be so useful when you know how to get the most out of it.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.

maksimu

Newbie

Posts: 3

Joined: Tue Sep 11, 2007 11:13 am

Post Tue Sep 11, 2007 2:30 pm

Re: Bypassing ftp password

Don, thank you for your reply.

don wrote: Other than that, it wouldn't be fair if we got your A for you, now would it?

No, it is fair. The professor said that we can use any sources to do that. He'll give us an A if we can demonstrate how we did it. (If you want, I can give you his e-mail to prove it, but I think it is not necessary.)

By the way, on that server he's hosting his own website; here is how you can get there:

http://<removed ip address>/~hlin/sec370.htm

I know that there is Red Hat Linux and an Apache server, but I don't know what I can use to do that.  ???

Negrita wrote: Hmmm... telnet can be so useful when you know how to get the most out of it.


Telnet port is closed

Negrita

Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Tue Sep 11, 2007 5:14 pm

Re: Bypassing ftp password

I wasn't talking about the port, I was talking about the protocol.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.

LSOChris

Post Tue Sep 11, 2007 6:21 pm

Re: Bypassing ftp password

I sent you a PM, but for everyone else, and since it's for a class and for you to learn:

Start with a FULL port scan and service version ID of the IP:

nmap -A x.x.x.x -p 1-65535

So things to look at would be what versions of SSH, FTP, and Apache the box is running and what kernel version it is. That will help us get you started and help you narrow down your search for usable exploits.

-chris

EmanoN

Newbie

Posts: 41

Joined: Wed Sep 12, 2007 3:37 pm

Post Wed Sep 12, 2007 4:04 pm

Re: Bypassing ftp password

At least one person tried to answer his question rather than being vague or deleting anything. Hacking FTP is very basic stuff. The very first thing you should do is see if you can log on as anonymous. If not, try a few attempts to guess the password. If still no luck, try running an FTP password cracker. The only downside is you will be logged if there is any kind of security. If I am worried about hiding, then I run an nmap scan as previously mentioned to try and see what version of FTP is running. If it's older 3rd-party software, I might be able to exploit it with a simple, easy-to-find online exploit. If not, I might have to download a copy of the FTP program and fuzz it myself, but we are getting a bit more advanced for the readers here, I gather.
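The logging mentioned in the post above, seen from the server side, as an added example that is not part of the original thread: a small detector that reads FTP authentication log lines and reports anonymous login attempts, bursts of failed logins from one client, and a successful login that follows such a burst. The log format (modelled on vsftpd's log), the sample lines, the user names and the `detect` function with its thresholds are all assumptions made for illustration; the thread does not name the FTP daemon.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of vsftpd's log (assumed format;
# the thread does not name the daemon). IPs are documentation addresses.
SAMPLE_LOG = """\
Wed Sep 12 16:10:01 2007 [pid 2101] [anonymous] FAIL LOGIN: Client "198.51.100.7"
Wed Sep 12 16:10:05 2007 [pid 2102] [admin] FAIL LOGIN: Client "198.51.100.7"
Wed Sep 12 16:10:09 2007 [pid 2103] [admin] FAIL LOGIN: Client "198.51.100.7"
Wed Sep 12 16:10:12 2007 [pid 2104] [admin] FAIL LOGIN: Client "198.51.100.7"
Wed Sep 12 16:10:15 2007 [pid 2105] [admin] FAIL LOGIN: Client "198.51.100.7"
Wed Sep 12 16:10:19 2007 [pid 2106] [admin] FAIL LOGIN: Client "198.51.100.7"
Wed Sep 12 16:10:23 2007 [pid 2107] [admin] OK LOGIN: Client "198.51.100.7"
Wed Sep 12 16:12:00 2007 [pid 2110] [alice] FAIL LOGIN: Client "203.0.113.20"
Wed Sep 12 16:30:00 2007 [pid 2111] [alice] OK LOGIN: Client "203.0.113.20"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]*)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"')

def detect(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return alerts as (kind, client_ip, detail) tuples, in log order."""
    recent = defaultdict(deque)  # client IP -> timestamps of recent failures
    flagged = set()              # clients already reported for guessing
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a login event (connect, transfer, ...)
        ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
        ip, user = m["ip"], m["user"]
        if user.lower() in ("anonymous", "ftp"):
            alerts.append(("anonymous_attempt", ip, m["result"]))
        fails = recent[ip]
        while fails and ts - fails[0] > window:
            fails.popleft()  # drop failures that fell out of the window
        if m["result"] == "FAIL":
            fails.append(ts)
            if len(fails) >= threshold and ip not in flagged:
                flagged.add(ip)
                detail = f"{len(fails)} failures in {int(window.total_seconds())}s"
                alerts.append(("password_guessing", ip, detail))
        elif ip in flagged:
            # A success right after a guessing burst deserves a closer look.
            alerts.append(("success_after_guessing", ip, user))
    return alerts
```

A single mistyped password followed by a later login, like the second client in the sample, raises no alert.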

p0et

Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Sun Sep 16, 2007 12:34 am

Re: Bypassing ftp password

Hey maksimu,

Looks like you've been given pretty good advice to get yourself started with this project of yours. You said you're new to this so I thought I would suggest you Google for an exploit or vuln on whatever version of FTP, SSH, etc. that you find through your nmap scan. You can also search with your results via Metasploit, milw0rm or a number of other exploit publishing sites.

Good luck!
GCIH, Security+, Network+, A+, MCP, DCSE

maksimu

Newbie

Posts: 3

Joined: Tue Sep 11, 2007 11:13 am

Post Sat Sep 22, 2007 6:55 pm

Re: Bypassing ftp password

After scanning with Nessus I found three holes in that system. Now I don't know how to use those holes to gain access.

Here is one hole (quoted from the Nessus report):

unknown (7101/tcp)

 
The remote X Font Service for TrueType (xfstt) might be vulnerable to a buffer
overflow which may lead to code execution or a denial of service.

An attacker may use this flaw to gain root on this host
remotely or prevent X11 from working properly.

Note that Nessus did not actually check for the flaw
so this might be a false positive


Solution: Upgrade to the latest version of xfstt

Risk Factor : High


::) So, what do I need to do to gain root access?

Thanks!

nitinceh

Newbie

Posts: 5

Joined: Fri Sep 28, 2007 2:14 pm

Post Fri Sep 28, 2007 3:33 pm

Re: Bypassing ftp password

maksimu wrote: Hi, I'm new to hacking. Actually I'm not a hacker, I'm just taking a security course in college and the professor told us "If we can hack his server and gain root access and add a user then we'll get an A in that class and don't have to show up anymore". :-\

So, can anybody help me figure out how to do that or just give me some suggestions about that?

I used Nmap to scan his IP and only FTP, SSH and HTTP ports are open.

So I was thinking of getting that access through FTP. How can I do that?

Here is the professor's IP: <modified>


Dear,

You need to come out of the world of security and hacking, and have a look at exploits and the development of shellcode; also, you can keep an eye on major 0-day vulnerability listings.

See, to make you understand better: it depends on what OS is running on his PC/server. Then you also need the open ports; along with this you will need the most accurate service information for what is running on those specific open ports. Now, armed with all this information, you can start your hunt. Since you are not into hacking, you can try to search for exploits or shellcode for those services which are found running.

If you are a lucky one, you may find a couple or four, and then you can obtain shell/root/admin/user privileges, and if it is just user-level rights, then you may need to escalate your privileges to those of an admin/root.

Hope this will help you in understanding how to hack/get into his computer/PC/server.


Thanks

Nitin Kushwaha

India
