Follow us on Twitter!
Your life is ending one minute at a time. If you were to die tomorrow, what would you do today?
Friday, April 18, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 24
Guests Online: 20
Members Online: 4

Registered Members: 82824
Newest Member: devilslegion
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Pen test


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-05 15:45
Hello, Im gonna penetration test my friends website but i got some problems with it..
Hes got an ftp server on the computer where he hosts hes site which means hes port 21 is open.. I tryed to telnet him with putty but nothing worked.. I tryed rlogin, SSH etc on different ports such as 21 which is the ftp port, what am i doing wrong? I also tryed port 80 which is http port.
Please help me! Also come with tips, ty


Author

RE: Pen test


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-05 18:59
Ok ;D Then ill PM someone Pfft


Author

RE: Pen test


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-05 19:40
I would port scan him first, figure out what is open, then use to corresponding program to connect. Might I suggest SmartFTP for your ftp connect. Its what I use. Or if you are using windows, instead of opening telnet, just type ftp and use that to connect.


Author

RE: Pen test


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-05 21:32
Does any1 know a good ftp bruteforcer?


Author

RE: Pen test


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-05 22:49
I know that answer would come, well yea its the best way but im new to programming and im in need of one. :/


Author

RE: Pen test


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-05 23:20
Is he hosting it from his own computer?

If NO!
Do NOT DO ANYTHING TO THE SERVER. Any hosting company in their right mind would interpret this as a malicious act, and there is nothing you could say to convince them otherwise.

If YES!
He's likely using Windows, so he most likely won't be using Rlogin or SSH. Find out what version of what FTP daemon he's using and go from there. Connect using clients with protocols that MATCHED THE SERVER! Don't use Telnet for FTP, Don't use Telnet for HTTP, and Don't use Telnet for SSH. Don't use Putty for most of these either, just telnet/ssh. What good could come of telneting to HTTP? All you see is HTTP protocol, the same stuff your browser sees.

Don't brute force. In short, it DOESN'T WORK.

If he's asking you to pentest the SITE, pentest the SITE. Not the server.