Hi guys, it’s me again ^^. Nice to see you again in part 3 of the series “Basic hacking knowledge you should know”. In this part, I will share some more hacking knowledge with everyone. I hope this knowledge will help you learn more good things.
If you have forgotten something from the previous parts, you can click Part 1 and Part 2 to read them again ^^. Let’s start!
How to crack a Unix account password?
It’s simple, but the method I’m about to describe may be “old”. It only works if you are one of the lucky ones. If not, you can still read on for reference!
First, you log into the system that uses Unix as a customer or a visitor ^^. If you’re lucky, you can get the passwords stored in a standard system location like:
/etc/passwd
Each row of the passwd file describes a different account. A row looks like this:
userid:password:userid#:groupid#:GECOS field:home dir:shell
Where:
- userid: the user ID, that is, the login name, which can be a name or a number.
- password: I’m sure you already understand what this is and what it is used for ^^.
- userid#: a unique number given to each user when they first sign up.
- groupid#: the same as userid#, but for users who belong to a certain group.
- GECOS field: a place to store information about the user, such as full name, phone number, address, etc. This is also a good source for us to easily crack a password.
- home dir: a directory that records the activities of guests when they visit (like “History” in Coc Coc ^^).
- shell: the name of the shell that starts automatically when we log in.
Get the password file, which holds the encrypted passwords. Next, use a program such as “CrackerJack” or “John the Ripper” to crack it ^^.
Isn’t it easy ^^. If you think so, you are wrong. Actually, it is not easy, and you need luck to crack it, because security is already tight and people guard this file very carefully. Do not worry, continue reading the following section and you will see where the difficulty is.
What is a shadowed password?
A password is shadowed when, in the Unix passwd file, other people see only a placeholder in its place (such as the symbol “x” or “*”). This tells you that the password has been moved out of the passwd file and hidden more discreetly, in a place that normal login users cannot see.
Don’t be in a hurry to give up at this point, because hackers do not stop easily before they have reached their goal, right ^^. If you can’t find the shadowed password file, look for its backup file (the unshadowed password file).
The location of these files is not the same on every Unix system; try the following paths:
System                 Path                           Token
AIX 3                  /etc/security/passwd           !
  or                   /tcb/auth/files/ /
A/UX 3.0s              /tcb/files/auth/?/             *
BSD4.3-Reno            /etc/master.passwd             *
ConvexOS 10            /etc/shadpw                    *
ConvexOS 11            /etc/shadow                    *
DG/UX                  /etc/tcb/aa/user/              *
EP/IX                  /etc/shadow                    x
HP-UX                  /.secure/etc/passwd            *
IRIX 5                 /etc/shadow                    x
Linux 1.1              /etc/shadow                    *
OSF/1                  /etc/passwd[.dir|.pag]         *
SCO Unix #.2.x         /tcb/auth/files/ /
SunOS4.1+c2            /etc/security/passwd.adjunct   =##username
SunOS 5.0              /etc/shadow maps/tables/whatever >
System V Release 4.0   /etc/shadow                    x
System V Release 4.2   /etc/security/* database
Ultrix 4               /etc/auth[.dir|.pag]           *
UNICOS                 /etc/udb
In each row, the name of the corresponding system comes before the first “/”. Depending on the actual system you are dealing with, follow the path that starts at the first “/” sign.
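The seven-field row format and the shadow placeholders described above can also be checked from the administrator's side. The following is an added example, not code from the original post: it parses passwd-format lines and reports which accounts still carry a hash, or no password at all, in the world-readable file. The sample lines, the Entry tuple and the function names are constructed for illustration.

```python
# Added example: audit passwd-format lines for password fields that are not shadowed.
# SAMPLE is constructed for illustration; on a real host, read /etc/passwd instead.
from collections import namedtuple

# Placeholders meaning "the hash is stored elsewhere" (symbols listed with the paths above).
SHADOW_TOKENS = {"x", "*", "!"}

# "ExampleHashXX" is a constructed stand-in, not a real password hash.
SAMPLE = """\
root:x:0:0:System Administrator:/root:/bin/sh
alice:*:1001:100:Alice Example,Room 12,555-0100:/home/alice:/bin/sh
legacy:ExampleHashXX:1002:100:Old import:/home/legacy:/bin/sh
guest::1003:100:Guest login:/home/guest:/bin/sh
broken:x:1004:100
"""

Entry = namedtuple("Entry", "userid password uid gid gecos home shell")

def parse_line(line):
    """Split one passwd line into its seven colon-separated fields."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        raise ValueError(f"expected 7 fields, got {len(fields)}")
    userid, password, uid, gid, gecos, home, shell = fields
    return Entry(userid, password, int(uid), int(gid), gecos, home, shell)

def classify(entry):
    """'shadowed' (placeholder), 'empty' (no password) or 'exposed' (hash in the file)."""
    if entry.password in SHADOW_TOKENS:
        return "shadowed"
    return "empty" if entry.password == "" else "exposed"

def audit(text):
    """Map each userid to its finding; malformed lines are reported, not dropped."""
    findings = {}
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        try:
            entry = parse_line(line)
            findings[entry.userid] = classify(entry)
        except ValueError as err:
            findings[f"line {number}"] = f"malformed: {err}"
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE).items():
        print(f"{name:8} {finding}")
```

Any account reported as "exposed" or "empty" should be moved to the shadow file or locked, since every local user can read the passwd file.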
What is a virtual port?
A virtual port is a natural number carried in the TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) headers. You probably already know that Windows can run multiple programs at the same time. Each of these programs has its own port for transmitting and receiving data.
What is DNS?
This is an acronym for Domain Name System. A DNS server waits for connections on port 53. That is, if you want to connect to that server, you must connect to port 53. The DNS server converts a hostname written in letters into the corresponding digits and vice versa. Take an example for easy understanding: 127.0.0.1 -> localhost and localhost -> 127.0.0.1 ^^.
Some things about WinGate
WinGate is a simple program that allows you to share a connection. For example, you can share 1 modem among 2, 3, 4 or more computers. WinGate uses many different proxies that can hide you.
Is there a way to use WinGate to hide yourself? The answer is yes. Do it yourself: telnet to port 23 on the server running the WinGate telnet proxy and you will get a WinGate > prompt. At this prompt, type in the server name, a space, and the port you want to connect to. For example:
telnet wingate.net
Wingate> victim.com 23
Do you know why I telnet to port 23? Because this is the default port available when you install WinGate ^^. At this point, the IP that the victim’s computer records is the IP of the server running that WinGate proxy.
How to find Wingate?
- For a WinGate with a static IP (an IP that does not change), you should go to Yahoo or a cable modem search page. You can also use port or domain scanners and scan port 1080.
- What is a dynamic IP? A dynamic IP is an IP that changes every time a user connects to the Internet. So how do you find a WinGate with a dynamic IP? You can use Domscan or other scanning programs. If using Domscan, enter any IP range in the first box and the number 23 in the second box. Once you have the results, try to telnet to the found IP addresses in turn ^^, as I explained above. If “Wingate > ” appears, then you have found a machine that is using WinGate ^^.
- You should download wingatescanner and use it, because it is widely available on the internet.
Because I have a contest coming up soon, I have not had time to post Part 4 for you to see. I hope you understand. I’ll probably make it public in the middle of next week or maybe sooner ^^.
AnonyViet-HanPhu