In this article, I will walk you through building our own FTP password cracker in Ruby. I hope this example helps us understand the concept and the importance of brute-force attacks. Enough talk. Let's get started!
What is a brute-force attack?
The term brute-force attack is familiar to most people in the security community. It can be described as simple and crude. Even so, for many attackers it is an indispensable technique. In practice, because brute-force attacks consume a lot of time and resources, they are rarely an attacker's first choice, but they are the attacker's last resort.
For example, consider the following scenario:
You want to access your company's FTP (File Transfer Protocol) server. You have tried almost every possible method of obtaining the account and password, but the target FTP server is well secured and has no vulnerabilities, and the company's employees have strong security awareness, so social engineering attacks are not an option. Faced with this almost extreme situation, you have to fall back on a brute-force attack.
First, you need to prepare an attack dictionary for the brute-force run in advance. You then place the dictionary in the location the password cracking tool expects. The tool tries the words in the dictionary one by one, attempting to log in to the FTP server with each, until the correct FTP password is matched.
Simple, isn't it? Although a brute-force attack is simple and crude, its power should not be underestimated. Sometimes it decides whether a penetration test succeeds or fails! Next, let's build our own FTP password cracker!
Build your own FTP password cracker
Here we will use a Ruby script to build our FTP password cracker. If you don't know much about Ruby scripts, don't worry. I have prepared a basic tutorial on Ruby for you, which covers the basic Ruby knowledge used in this article. I suggest you pick up some basic Ruby before reading on, so that the article is easier to follow. Let's go straight to the code.
As with a Python script, we begin by declaring the file as a Ruby script, requiring the libraries we need, and reading the user's input:
Here we only need two libraries. We use the socket library to communicate with the FTP server and attempt the logins for the brute-force run, and the timeout library to set a timeout on the initial connection to the target server. If the server cannot be reached, the script returns a timeout message to us.
Next, we need to check the length of the ARGV list. The list is created when the script starts and contains all the arguments the user entered on the command line, in order. The unless statement we use here is equivalent to if not. If the number of arguments in ARGV is not equal to 3, the script prints the usage rules and exits.
The following code will start trying to connect to the target server and check whether the target server can communicate normally:
In the above code, we simply use the socket library and pass in an IP address to establish a connection with the target server. At the same time, we use the timeout library to set a ten-second timeout. If the connection is not completed within ten seconds, the script tells the user so and exits. With these basics in place, let's use the following function to read the user's dictionary file:
The implementation of this function is very simple. We take the file path as an argument to the function and print the word list being read. Then we use the File.open function to open the file and read its contents. When reading the file, we split the contents on the newline character '\n' at the end of each line, which gives us the list of passwords we need. We then store the list in a global variable and close the file, ready for the next step. If reading the file fails, the script tells the user so and exits. Now that we have these two basic functions of the FTP password cracker, we can build the function that attempts to log in to the server:
This function is very important because it performs the actual cracking. Here, we first create a new TCP socket and connect it to the FTP server, and then we wait for the FTP server's banner response. After we receive the banner, we send our user name and wait for the password prompt, and then we send the password to the server. At this point, we receive the data from the server and store it in a variable. This data contains the result of our login attempt.
We use the string "230" to judge whether we have successfully logged in to the target FTP server ("230" is the FTP reply code for a successful login). Otherwise, false is returned. At this point our FTP password cracker has basically taken shape. Finally, we need to call and combine the functions above to start the brute-force attack:
The above code calls the functions we created earlier, checks the target FTP server and reads the dictionary file we provided. Then it starts the attack on the target FTP server. Here we use a loop to try the words in the user-supplied list one by one. If a password finally matches, the script returns the result to the user and exits. Let's test our results!
Brute-force attack test
First, I will create a dictionary file. Since this is only an example, my dictionary file is very short. In a real environment, we generally need to use very large dictionary files. Here is the list of words I created:
Let’s run our script. You can see a simple prompt here:
Now we supply the arguments according to the script's usage rules and run it. After waiting for a while, we can see that the FTP server password has been cracked successfully:
As I said at the beginning, although a brute-force attack is simple and crude, for the attacker it will sometimes decide whether a penetration succeeds or fails. Therefore, for us as security testers, a deep understanding of the process and principle of brute-force attacks is of great significance.
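Seen from the server side, the login loop described above shows up as a burst of failed logins (FTP reply code 530) from one client, possibly ending in a 230. The following Ruby sketch is an added example, not code from the original article. It flags that pattern in a log whose line format, sample entries, threshold and window are all constructed for illustration.

```ruby
require 'time'

# Constructed sample log, one FTP login reply per line (format assumed for
# this example): "<ISO 8601 time> <client IP> <user> <FTP reply code>"
SAMPLE_LOG = <<~LOG
  2024-01-01T10:00:00Z 198.51.100.7 admin 530
  2024-01-01T10:00:02Z 198.51.100.7 admin 530
  2024-01-01T10:00:03Z 203.0.113.20 alice 530
  2024-01-01T10:00:04Z 198.51.100.7 admin 530
  2024-01-01T10:00:06Z 198.51.100.7 admin 530
  2024-01-01T10:00:08Z 198.51.100.7 admin 530
  2024-01-01T10:00:09Z 203.0.113.20 alice 230
  2024-01-01T10:00:10Z 198.51.100.7 admin 230
LOG

Finding = Struct.new(:ip, :failures, :success_after)

# Flags clients with at least `threshold` failed logins (530) inside a sliding
# window of `window` seconds, and records whether a 230 followed the burst.
def detect_bruteforce(log, threshold: 5, window: 60)
  recent = Hash.new { |h, k| h[k] = [] } # ip -> times of recent 530 replies
  findings = {}
  log.each_line do |line|
    ts, ip, _user, code = line.split
    next unless code&.match?(/\A\d{3}\z/) # skip blank or malformed lines
    t = begin
      Time.iso8601(ts)
    rescue ArgumentError
      next # skip lines whose timestamp does not parse
    end
    case code
    when '530'
      recent[ip] << t
      recent[ip].reject! { |old| t - old > window }
      next if recent[ip].size < threshold
      f = (findings[ip] ||= Finding.new(ip, 0, false))
      f.failures = [f.failures, recent[ip].size].max
    when '230'
      findings[ip].success_after = true if findings.key?(ip)
    end
  end
  findings.values
end

detect_bruteforce(SAMPLE_LOG).each do |f|
  puts "#{f.ip}: #{f.failures} failed logins in window, later success: #{f.success_after}"
end
```

A flagged client with a later 230 is the case to investigate first, since it suggests the dictionary run found a valid password. The single mistyped password from 203.0.113.20 stays below the threshold and is not reported.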