Today, I will represnted that how to hack ftp server using hydra.Through this post you can easy to hack Ftp server using hydra. Hydra is a popular password cracking tool that can be used to find out the login password from a given wordlist. It is included in kali linux and is in the top 10 list. In this post we are going to use the default password list provided with john the ripper which is another password cracking tool. John is pre-installed on Kali linux and its password list can be found at the following location.This post will finally teach you that how to hack ftp server using hydra.
How To Hack Ftp Server Using Hydra
To Hack The Ftp Server Follow These Steps :-
~# ncrack -p 22 –user root -P 500-worst-passwords.txt 10.10.10.10
Starting Ncrack 0.4ALPHA ( http://ncrack.org ) at 2011-05-05 16:50 EST
Stats: 0:00:18 elapsed; 0 services completed (1 total)
Rate: 0.09; Found: 0; About 6.80% done; ETC: 16:54 (0:04:07 remaining)
Stats: 0:01:46 elapsed; 0 services completed (1 total)
Rate: 3.77; Found: 0; About 78.40% done; ETC: 16:52 (0:00:29 remaining)
Discovered credentials for ssh on 10.10.10.10 22/tcp:
10.10.10.10 22/tcp ssh: ‘root’ ‘toor’
Ncrack done: 1 service scanned in 138.03 seconds.
Here are the steps involved to hack a ftp server by using hydra
1. Download the software hydra 5.4 form the below mentioned link.
2. Save files in any location. For convenience download the files in c:\.
3. For this demonstration a basic FTP server is setup on the network with IP address 192.168.1.4 (port 21)
4. Open a command prompt and navigate to the hydra folder. Type ‚Äúhydra‚Äúor ‚Äúhydra‚Äîhelp‚Äúto access the built-in help.
5. Type the syntax in a notepad before entering into command prompt.
6. Type the following syntax ‚Äúhydra -| user ‚ÄìP dic.txt ‚Äìe ns -vV 192.168.1.4 ftp ‚Äúinto notepad. Copy the syntax and paste it in command prompt. press enter.
7. The dict.txt contains the keywords for checking the FTP server password and username.
8. For demonstration purpose the dictionary fie is named‚Äùdic.txt‚Äù with some fake words and one real password of the FTP server and also the user name is already known as ‚Äúuser‚Äù. Hydra will find the password.
9. Hydra found the password‚Äúdarkness‚Äúfor this demonstration. Now that we have a username/password pair we can login to the server access the files in the ftp server.
10. Depending on the privileges of the account you got access to edit/delete/upload files. Use a Ftp client such as filezilla to edit or upload files if you have the privilege to do.