LEARN Dictionary Attack (password cracking) Tutorial with Video
Dictionary Attack is a method hackers adopt in password cracking. It is used to hack and gain access into ftp servers (see the different methods of password cracking). FTP server stands for file transfer protocol. It is used to gain access into a website's database in order to do things like changing the database, editing the database or deleting a whole website's database. Tools like Brutus(recommended for windows), Cain and Abel, John the Ripper, THC Hydra, Solarwinds and other tools is used by hackers for this purpose.
In this case, I will use Brutus. (you can download brutus for windows here)
FTP address is similar to website address, only that it uses ftp:// instead of http://.
STEPS IN DICTIONARY ATTACK
1. Choosing your target: the first step is to find the IP Address of the website you want to attack (you can find it here).
2. Go to ftp://IPAddress, you will get a pop-up box that requests for the server's username and password
3. Launch your cracking tool (brutus in this case) it should be like this
4. Put the IP address at Target, Put type as FTP(for cracking FTP server, the default port is 21, but if you find out that it is not 21 in your case, then do a port scan(We will talk about port scan in another tutorial).
5. If you don't know the username, you will have to get a list with common usernames and for pass mode, select word list. Browse and select the file containing your word list.
Some good word list can be gotten here
Below is an example of user list and word list
6. Once the start button is hit, the process will start and the program will try to get the correct username and password by trying to combine different words from the user list and word list
7. If you are lucky enough, the right combination can be gotten.
8. To ensure that you don't get caught, try to use a proxy by ticking enable proxy and adding a different proxy address, or you can change your local IP Address by downloading Hotspot Shield or other Software for hiding IP
See the video tutorial here
Our next post will be on Brute force Attack. Like our Facebook page at the top right hand of the page and also follow us on google+ , you can also subscribe to our newsletter from the page
DISCLAIMER
The information provided in this post is to be used for educational purposes only. The writer is in no way responsible for any misuse of the information provided. All of the information in this post is meant to help the reader develop a hacker defense attitude in order to prevent the attacks discussed. In no way should you use the information to cause any kind of damage directly or indirectly.
You implement the information given at your own risk.
In this case, I will use Brutus. (you can download brutus for windows here)
FTP address is similar to website address, only that it uses ftp:// instead of http://.
STEPS IN DICTIONARY ATTACK
1. Choosing your target: the first step is to find the IP Address of the website you want to attack (you can find it here).
2. Go to ftp://IPAddress, you will get a pop-up box that requests for the server's username and password
3. Launch your cracking tool (brutus in this case) it should be like this
4. Put the IP address at Target, Put type as FTP(for cracking FTP server, the default port is 21, but if you find out that it is not 21 in your case, then do a port scan(We will talk about port scan in another tutorial).
5. If you don't know the username, you will have to get a list with common usernames and for pass mode, select word list. Browse and select the file containing your word list.
Some good word list can be gotten here
Below is an example of user list and word list
6. Once the start button is hit, the process will start and the program will try to get the correct username and password by trying to combine different words from the user list and word list
7. If you are lucky enough, the right combination can be gotten.
8. To ensure that you don't get caught, try to use a proxy by ticking enable proxy and adding a different proxy address, or you can change your local IP Address by downloading Hotspot Shield or other Software for hiding IP
See the video tutorial here
Our next post will be on Brute force Attack. Like our Facebook page at the top right hand of the page and also follow us on google+ , you can also subscribe to our newsletter from the page
DISCLAIMER
The information provided in this post is to be used for educational purposes only. The writer is in no way responsible for any misuse of the information provided. All of the information in this post is meant to help the reader develop a hacker defense attitude in order to prevent the attacks discussed. In no way should you use the information to cause any kind of damage directly or indirectly.
You implement the information given at your own risk.
Comments
Post a Comment