Meh Help

GhostFileDDL · Post by **GhostFileDDL** » 06 Apr 2007, 23:44

How do I hack xxx.com?

Jking..

Well normally, as a first post, I'd like to contribute but I am sorry that my

question has to be a little like the one above ^

Meh, I have got the DDoser v.5 by xyr0x, and the ip scan with that for

www.farez.org was ------->64.191.19.181

I portscanned it and got ------->

TCP: 64.191.19.181 [21-ftp]
TCP: 64.191.19.181 [25-smtp]
TCP: 64.191.19.181 [53-domain]
TCP: 64.191.19.181 [80-www-http]
TCP: 64.191.19.181 [110-pop3]
TCP: 64.191.19.181 [143-imap]
TCP: 64.191.19.181 [443-https]
TCP: 64.191.19.181 [465-url-rendezvous]

Are those the open "ports" ?

I couldn't DDos them, I probably didn't even know how to.

And the thing I am asking is what can I do with them.

-Thanks

Post by **ayu** » 07 Apr 2007, 03:58

Yes, these are open ports, and all of them has a service listening on them.

Usually the services listening are as you listed above, as in for example port 21 has FTP listening for connections. But this isn't always the case. Anyway, you can either try to bruteforce an FTP account or find a vulnerability to exploit on one of the services. For example port 443 seems to be running something called "cPanel", so now that you know that this port runs cPanel you can googled for something like "cPanel vulnerability" and see what comes up (downloading the demo of cPanel first and learn a little about it to see the possibilities would be a good idea). Also the server runs an Apache server for incoming HTTP connections. You could try to find out what version it is running and then find an exploit to (for example) take the server down.

Anyway, there are lot's of possibilities. Use your imagination

GhostFileDDL · Post by **GhostFileDDL** » 07 Apr 2007, 10:52

Meh, thanks I'll have to look around and see what I can do :S

Plus, at least I know what Bruteforcer is, but how would I bruteforce a FTP?

~thanks

Meh, I got some FTP bruteforcers,

Post by **CommonStray** » 07 Apr 2007, 13:07

one of the best tools you can use to determine what services are running and what ports are open is nmap at insecure.org its a very good recon tool to find information about a host or group of hosts.

DoS ing pc's is a waste of time anymore in most cases, and DDoS ing is only really accomplished with a quantity of computers participating, just some advice its more worthwhile trying to penetrate and find vulnerabilities in a system rather than deny it of service...i mean cmon! what if someone else wants to hack it

GhostFileDDL · Post by **GhostFileDDL** » 07 Apr 2007, 13:27

Meh can't even get the program working.

Can you help me out with all you said up there?

Meh only understood a few words =P

As I said, I know nothing about this, the only reason I am trying to do this

is because a site that someone helped to build, banned him, and they

are trying to DDos our server.

Lyecdevf · Post by **Lyecdevf** » 10 Apr 2007, 03:35

GhostFileDDL wrote: And the thing I am asking is what can I do with them.

Well there are plenty of things that you can make with them. If I were you I'd make a soup out of them.

GhostFileDDL · Post by **GhostFileDDL** » 10 Apr 2007, 20:22

I already tried that, nothing happens.

Nerdz · Post by **Nerdz** » 11 Apr 2007, 20:08

I would first do some banner grabbing on them with something like putty and then when a know version of the apps running, I would search for exploit. What if I don't find exploit?

You get to learn a lot about asm and shellcoding, you download the apps and then you try to exploit it yourself..

GhostFileDDL · Post by **GhostFileDDL** » 13 Apr 2007, 15:30

Ok umm I'll have to ask what that meant in another forum =P

Nerdz · Post by **Nerdz** » 13 Apr 2007, 17:22

banner grabbing: Getting the info on the software... usually version number. You can achieve this by telneting the box on the specified box. Sometimes youll see a login screen(in console) with a title like AjsFTP version 2.1

Exploit: A breach of security in a program has been found and exploited. Someone found a hole, did a little programming trick and made the program do whatever he want

Asm: Short term for assembly

Assembly: Programming language really close to the machine one... For new people it is hard to read.

Shellcoding: like assembly... but harder

GhostFileDDL · Post by **GhostFileDDL** » 14 Apr 2007, 16:07

Hmm for the boards and stuff, there are always things like

"Vbulletin 3.6.5, PHPBB,etc" so that's no problem

What can I do with that?

Also, I don't get how we can use exploits. I see a bunch of script in perl,

etc.

^ How would I use that?

Nerdz · Post by **Nerdz** » 14 Apr 2007, 16:57

with a compiler, most of people write their exploit with error so script kiddie can't simply C&P(Cut And Past) them and compile. So read a bit on the language that the exploit what written with and then try to figure out the code.

GhostFileDDL · Post by **GhostFileDDL** » 14 Apr 2007, 20:16

Okay, but usually, it is just compiling it right?

And you're saying that I'd have to learn a little of that language first?

Thanks

Lyecdevf · Post by **Lyecdevf** » 18 Apr 2007, 07:50

GhostFileDDL wrote:Ok umm I'll have to ask what that meant in another forum =P

If you are going to ask for every thing on forums it is going to take you for ever to learn any thing. Use google!

http://www.google.com/search?hl=en&q=ba ... bbing&btnG

GhostFileDDL · Post by **GhostFileDDL** » 22 Apr 2007, 17:40

=P I was joking =P

I <3 google, and it loves me back =]

suck-o.com

Meh Help

Meh Help

Re: Meh Help