Free Preparation Discussions
MENU
Eccouncil 212-82 Exam - Topic 10 Question 63 Discussion
Topic #: 10
A John-the-Ripper hash dump of an FTP server's login credentials is stored as "target-file" on the Desktop of Attacker Machine-2. Crack the password hashes in the file to recover the login credentials of the FTP server. The FTP root directory hosts an exploit file. Read the exploit file and enter the name of the exploit's author as the answer. Hint: Not all the credentials will give access to the FTP. (Practical Question)
John-the-Ripper Usage:
John-the-Ripper is a popular open-source password cracking tool used to detect weak passwords. It works by performing dictionary attacks and brute force attacks on password hashes.
Cracking the Hashes:
Load the hash file into John-the-Ripper using the command:
bash
Copy code
john target-file
John will then attempt to crack the passwords using its internal mechanisms.
Accessing the FTP Server:
Once the hashes are cracked, use the recovered credentials to log in to the FTP server. Not all credentials may be valid, so try each until successful access is gained.
Reading the Exploit File:
Navigate to the FTP root directory and locate the exploit file. Use a command like cat to read its contents:
cat exploit-file
The content of the file will include the author's name, which is 'nullsecurlty' in this scenario.
Currently there are no comments in this discussion, be the first to comment!