Hello Friends
I really love BackTrack 5 and all the tools it comes with; Metasploit, Xhydra and Nmap are some of the most popular. But there's nothing I enjoy more than the feeling of success, the feeling you get when your hard work finally pays off and the password goes through. I had a lot of fun doing this as a password pentester back in my younger days. I was surprised at just how easy it was to get people's passwords using a brute forcer and the right server configuration. I was popular on AIM. I had over 160 friends, and what that meant is that I had over 160 active screen names to try and get the password to!
Here's how it's done.
Fire up a terminal, Zenmap and Xhydra.

Ping smtp.aol.com. Your output should look like this:
In some circumstances the IP address will be different. I will supply you with the correct one, but hypothetically any IP address will work.

Step 1. Ping smtp.aol.com (64.12.175.136)


Step 2. Port scan the IP address and verify port 587 (SMTP AUTH) is open


Step 3. Input data into Xhydra
-target tab-
single target: 64.12.175.136
port: 587
service: smtp

-password tab-
username: programmerdemon (or any screenname)
password: passwordlist (I have my own)
*others can be found in /root/pentest/passwords/wordlist/
*or /root/pentest/passwords/john/password.lst



 -tuning tab-
about 8 tasks should be fine

 -start-

It was my screen name, so I didn't show the password. Also, you may want to use a proxy. Any questions, don't hesitate to comment or email.
Thanks!
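Seen from the mail server's side, the run described above is a burst of failed SMTP AUTH attempts from one source on port 587. The following detector is an added example, not part of the original post. It assumes a Postfix-style log format, a threshold of 8 failures in 60 seconds, and constructed sample lines that use documentation IP addresses.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Postfix-style SASL failure line (assumed format; the post shows no server logs).
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/\S*smtpd\[\d+\]: "
    r"warning: \S+\[(?P<ip>[0-9A-Fa-f.:]+)\]: SASL \w+ authentication failed")

def _fail(ts, ip):
    """Build one constructed failure line for the sample log."""
    return (f"{ts} mx1 postfix/submission/smtpd[2101]: warning: unknown[{ip}]: "
            "SASL LOGIN authentication failed: UGFzc3dvcmQ6")

# Constructed sample: ten failures in five seconds from one source (parallel
# guessing), plus a user who mistypes a password twice, ten minutes apart.
SAMPLE_LOG = "\n".join(
    [_fail(f"Mar 04 10:00:{s:02d}", "203.0.113.7")
     for s in (1, 1, 2, 2, 3, 3, 4, 4, 5, 5)]
    + ["Mar 04 10:01:00 mx1 postfix/submission/smtpd[2101]: "
       "connect from unknown[198.51.100.20]",
       _fail("Mar 04 10:03:10", "198.51.100.20"),
       _fail("Mar 04 10:13:40", "198.51.100.20")])

def flag_bruteforce(log_text, threshold=8, window=timedelta(seconds=60),
                    year=2024):
    """Return {source_ip: peak failures} for sources that reach `threshold`
    failed AUTH attempts inside any sliding `window`. Syslog timestamps
    carry no year, so `year` is supplied by the caller (assumption)."""
    recent = defaultdict(deque)   # per-source timestamps still in the window
    peaks = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue              # not an authentication failure
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(when)
        while when - q[0] > window:
            q.popleft()           # expire failures older than the window
        if len(q) >= threshold:
            peaks[m["ip"]] = max(peaks.get(m["ip"], 0), len(q))
    return peaks

if __name__ == "__main__":
    print(flag_bruteforce(SAMPLE_LOG))
```

Per-source counting misses guessing that is spread across many addresses, so it works best alongside per-account lockout or rate limiting on the server.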
 
