Brutus Tutorial on How to use it
Chapter 1: Introduction to Brutus.
1.What is Brutus?
2.What can I do with it?
3 Where can I download Brutus?
4.Where can I find a good password list?
Chapter Two: Let’s Get Crackin’.
Chapter Three: Wrapping up.
==What is Brutus?==
Brutus is a well known password brute forcing program.
==What can I do with it?==
With Brutus, you can brute force passwords for HTTP, FTP, POP3, Telnet, SMB (Netbios), Netbus, and they also have a
“Custom” option so you can specify your own settings.
==Where can I find a good password list to use with Brutus?==
Pretty much, the only password list you will ever need
and has 4.9 million passwords. Here are a link where you can download it.
Chapter Two: Let’s Get Crackin’.
Note: You can use a proxy for each cracking method.
This is the option you would use if you want to crack into a website that has a field for a username and a pass, like
I will use this site for the rest ov this section as well.
First thing you wanna do is open Brutus, and select http form. Then click the modify sequence button. Once there we put
the above link into the Target form field, then click Learn Form Settings
From here, you click the field name that is for the username, in this case it is userid, once you have selected it,
click the username button that is shown above the cookie information. That tells brutus that that field is for the username.
Then you select the password field and click the password button, then click accept. Next, in the HTML Response field you
need to fill that in with the response you get when you try to enter a password into your site. In this case the response is
“You have entered a wrong Password or username.” For this target we will put that into the Primary response field Once this
is done, we click ok, add the IP into the Target Field and start our crack.
For cracking an FTP server, the default settings should remain how they are, I usually make sure that the “Try to stay
connected for unlimited attempts” box is ticked.Thats up to you, once you have selected your options, enter the IP and
being the crack.
This is pretty much the same as FTP cracking as far as, the default settings should work for you. Once again, I like to
use the “Try to stay connected for unlimited attempts” option.
Seems as if I’m repeating myself, but once again, the default settings should werk for you.
If you happen to find yourself a target that has the netbios port open (139) and has sharing enabled, but needs a
password, this is what you would use. Once again, default settings should werk.
Netbus is a popular trojan that sometimes, you might find a server that needs a password to connect.
This option is used for, cracking a password protected Netbus server.
This is what you would use to set up a crack for anything else that you could think ov.You need to find out what you need
to put in each field once you click “Define sequence” Those options will vary from target to target.
VERY GOOD NOTEPAD HACKS:
wshshell.sendkeys “You are a fool.”
msg * I don’t like you
shutdown -c “Error! You are too stupid!” -s
Save it as “Anything.BAT” in All Files .
Metasploit Explained A Tutorial For Beginners:
Metaspoit Framework is a open source penetration tool used for developing and executing exploit code against a remote target machine it, Metasploit frame work has the world’s largest database of public, tested exploits. In simple words, Metasploit can be used to test the vulnerability of computer systems in order to protect them and on the other hand it can alsobe used to break into remote systems.
Its a powerful tool used for penetration testing. Learning to work with metasploit needs a lot of efforts and time. Ofcourse to can learn metasploit overnight, it needs lots of practice and patience
Download here(windows user) http://www.metasploit.com/releases/framework-3.2.exe
Download here(linux user) http://www.metasploit.com/releases/framework-3.2.tar.gz
Just give a look at following basic steps for beginners to break into a system using metasploit after gathering some information about the target system.
1. Select a right exploit and then set the target. 2.Verify the exploit options to determine whether the target system is vulnerable to the exploit. 3.Select a payload 4.Execute the exploit.
You must be confused !!!!
Now carefully read the following basic terms to get an idea about these four steps mentioned above .I have defined the terms technically and side by side explained in layman language to clarify the things. I have taken an example that an attacker wants to break into a house . I hope my this approach will give you a great idea about these basic terms .
Vulnerability -A weakness which allows an attacker to break into or compromise a system’s security.
Like the main gate of house with a weak lock (can be easily opened) , a glass window of house(can be easily broken) etc can be the vulnerabilities in the systems which make it easy for an attacker to break into.
Exploit – Code which allows an attacker to take advantage of a vulnerability system.
The set of different keys which he can try one by one to open the lock , the hammer with him which he can use to break the glass window etc can be the exploits.
Payload- Actual code which runs on the system after exploitation
Now Finally after exploiting the vulnerability and breaking in , he can have different things to do. He can steal money, destroy the things or just can give a look and come back.. Deciding this is what we mean by setting the Payload.
I hope its enough friends, You will learn more with further tutorials when you will start working with metasploit practically.
Hacking Video Explainations (First Time On Any Blog)
FTP via CGI explain the lifting of the page
Explanation to identify the characteristics of borates
Explanation of Patch-making Borat
Explanation register for tripod.lycos.com
Birth of the stolen Alpsordat
Program to penetrate new markets down
Server configuration for Fberost
Server configuration for Baizon
Shell to configure the server
Come the victim’s fear
Contact explain the inverse Borat
Explanation penetration along the Bay 1
Explanation penetration along the Bay 2
Explanation of reporting across Alaiml Borat
Explanation register for ripway
Explanation register for no-ip
Explanation withdraw Alpsordat by flash
Description Albfrost a full explanation of
Description of the ddos attack on the IP Address
Explanation fixing Albfrost and change the image of reporting
Explain the properties of Albaizon
Explain the properties of Immobilizing
Chorhat to enter the world of Alhecr
Explained the GNU steal any P-1
Explanation making Bernameh Balvjul check if the port is open or not
Explanation-making program to change icons
Explanation making Conception and steal the GNU ABC and see if the GNU ABC stolen or not
Way to turn off Deeb Fries
Explanation decompress ÇáÈ& Ccedil;ÊÔ before the encryption process
Explanation for the registration site and the work dyndns.com Forums
Way to turn off Deeb Fries
Explanation withdraw Alpsordat through the program Immobilisation
Clear brother Knight 1