3 replies to this topic

[PhantomSniper]

Hey everyone! I just joined and it seems like an immensely helpful website after reading a couple of posts. Anyway, I'm just beginning to learn hacking, and the book I'm using is focusing on passwords. I'm using Brutus Password Cracker, but when I try to attack any target other than myself (127.0.0.1), Brutus says it can not verify the target. How do I fix this? Thanks in advance, everyone!

P.S. I know about 2% of the hacking vocabulary, so please try to speak in as much basic English as possible!

[sshsilver]

Ok you haven't done yourself any favours by using the words: "I try to attack another target." No one here will teach you malicious techniques. It's not how they roll. If you had said something like:

"I am using brutus to check the security of my private network, and I am having issues" then people would probably be able to help... And by "help" I mean tell you:

Internet Browser --> Google.com --> Search : Brutus Manual / Tutorial.

PS: What book are you using which suggests Brutus by the way?

[PhantomSniper]

Ok you haven't done yourself any favours by using the words: "I try to attack another target." No one here will teach you malicious techniques. It's not how they roll. If you had said something like:

"I am using brutus to check the security of my private network, and I am having issues" then people would probably be able to help... And by "help" I mean tell you:

Internet Browser --> Google.com --> Search : Brutus Manual / Tutorial.

PS: What book are you using which suggests Brutus by the way?

You're kidding..... I guess I was right. HackForums really was the only good hacking discussion website..... They don't (didn't) even bother with the pretense of "ethical hacking" like most websites do, even when the admins know well over half their community is using hacking for malicious purposes.

P.S. "The Hacker's Underground Handbook". People told me about JTR, but for some reason it was never stated whether or not it would do network attacks and frankly I was too lazy to learn it myself.

[systems_glitch]

Wow! Brutus AET2! That's seriously outdated stuff. I remember running dictionary attacks against our middle school admin's account on the Telnet server there...from a 486 laptop running Windows 95. The password turned out to be the name of his gay lover, which was really funny to a bunch of middle school hackers. Also, we then helped the school be a little more secure with their server, and got put on the equivalent of the IT staff for it.

I guess for proof of concept as to how a dictionary attack works, Brutus is fine. Have a friend set up a FTP server with known user/password and run it against that. Then you can start working back as to what's blocking your connections -- my guess would be, you're either trying to use it with something that's behind a firewall, you're on the wrong port, or you're giving Brutus the wrong target anyway.

Do yourself a favor though and only look at that book as an outdated skript kiddie guide...that's all it is. It's fine to read through to get an understanding of how basic stuff was done 5 or 10 years ago, but it's certainly not going to make you 1337.

P.S. Keeping it to "ethical hacking" standards on public forums may seem lame, but it's a lot less lame than having the feds' party van show up for you. And no matter the forum/admin/whatever, if the server's in the US and someone gets noticed, the government /will/ pull records on you. Knowing what someone is using information for and having proof that they're actually doing it are two different things.