.

DE ice level 1 questions

<<

LT72884

User avatar

Jr. Member
Jr. Member

Posts: 99

Joined: Thu Oct 15, 2009 3:11 pm

Location: Utah

Post Thu Oct 22, 2009 3:49 pm

DE ice level 1 questions

Ok i have started reading books. I own the CEH 6th edtion review guide. I have my virtual lab set up with bt3 and deice 1. I have found user name for interns remote login via ssh. Just not his password. This is where i could use the help. Im completly new at this. I just need to be lead the way a lil bit. Maybe hold my hand while i cross the street for the first time sorta thing. Then once im across. i will learn from there..

Thanx

Matt
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Thu Oct 22, 2009 4:56 pm

Re: DE ice level 1 questions

To crack the password of the users you need back track 2, back track 2 has a password list that you have to uncompress and use that for dictionary attack, others back tracks version does not have that password.

Check the heorot.net forum for more information.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Thu Oct 22, 2009 5:49 pm

Re: DE ice level 1 questions

The heorot.net forum has everything you need to walk through disk 1 including a complete walk through.  I recommend only going there after you have tried everything possible for at least a couple of weeks.  You wont learn much if you just look at the answers so try and resist the temptation.  You are on the right track so now focus on cracking passwords. Google everything you can on that subject. Also remember that some users take their own name and add a few things to it make a password so you might want to create a short password list of your own.
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Thu Oct 22, 2009 5:52 pm

Re: DE ice level 1 questions

There are a ton of wordlists all over the web.  Just Google "wordlist."  

LT, you have the username, now you need the password.   You can use a tool to brute-force / dict attack the SSH daemon.   You can also write your own tool using Perl and the Net::SSH::Perl library.   There are also a few SSH vulnerabilities, one particularly juicy one, that you can exploit.  A Google search will reveal these.  

Take your time, Google, research, and really understand what you are trying to accomplish.  
~~~~~~~~~~~~~~
Ketchup
<<

LT72884

User avatar

Jr. Member
Jr. Member

Posts: 99

Joined: Thu Oct 15, 2009 3:11 pm

Location: Utah

Post Thu Oct 22, 2009 6:02 pm

Re: DE ice level 1 questions

LOL, awesome. thanx for the info. i plan on taking a few weeks for level 1
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Thu Oct 22, 2009 10:09 pm

Re: DE ice level 1 questions

You can try vulnerabilities but I am 100% that will not find any I spent 1 week testing differents vulnerabilities and I could not find any because the Idea of this live cd is teach how to find misconfigurations or low security practices like password that you can ahck using diccionaries attack.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software