Wednesday, July 18, 2012

List entire directory paths for remote FTP directory

I use this all the time to quickly search for fancy filenames in FTP servers that allow for anonymous logins. It is basically a for loop that logs into each server, runs the find command, which outputs absolute paths for directories and files, and writes that output to a file named after the IP.
mkdir -p ftp; for i in $(cat ftp_anon_hosts); do echo "FTP LIST $i"; lftp -e "find;QUIT" "anonymous:anonymous@$i" > "ftp/$i"; done

Tuesday, July 17, 2012

Rainbow Tables for rcracki

Download links are all right here:

http://www.freerainbowtables.com/tables2/

Thursday, July 12, 2012

Empty/null hashdump (LM/NTLM)

aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0

is the LM/NTLM hash pair for blank passwords. You can create this pair by running

"net user kittens /add"

and it will result in:

"kittens:1005:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::"

Comparing against this pair is an easy way to tell if the hash you have is actually a password or not.
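
The check described above, as an added example that is not part of the original post: it reads pwdump-style lines and flags accounts whose NT hash is the blank constant. It also separates the case where only the LM field is the blank constant, which means no LM hash is stored rather than that the password is blank. The function names and the alice/bob/carol lines are constructed for illustration.

```python
import re

# The two constants are the blank-password pair quoted in the post.
BLANK_LM = "aad3b435b51404eeaad3b435b51404ee"
BLANK_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
BLANK_LM_HALF = BLANK_LM[:16]  # LM hashes each 7-character half separately
HEX32 = re.compile(r"[0-9a-f]{32}")

def parse_pwdump(line):
    """Split 'user:rid:lm:nt:::' into a dict; return None if malformed."""
    parts = line.strip().split(":")
    if len(parts) < 4:
        return None
    user, rid, lm, nt = parts[0], parts[1], parts[2].lower(), parts[3].lower()
    if not (HEX32.fullmatch(lm) and HEX32.fullmatch(nt)):
        return None
    return {"user": user, "rid": rid, "lm": lm, "nt": nt}

def classify(entry):
    """Describe what the hash pair says about the account's password."""
    if entry["nt"] == BLANK_NT:
        return "blank password"
    if entry["lm"] == BLANK_LM:
        # Non-blank NT with blank LM: the system simply stores no LM hash.
        return "password set, no LM hash stored"
    if entry["lm"][16:] == BLANK_LM_HALF:
        # Empty second half: the password fits in the first 7 characters.
        return "password set, LM hash present (7 characters or fewer)"
    return "password set, LM hash present"

def audit(lines):
    """Map each well-formed account name to its classification."""
    results = {}
    for line in lines:
        entry = parse_pwdump(line)
        if entry is not None:
            results[entry["user"]] = classify(entry)
    return results

# First line is from the post; the others use constructed hash values.
SAMPLE = [
    "kittens:1005:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::",
    "alice:1006:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::",
    "bob:1007:0123456789abcdefaad3b435b51404ee:fedcba9876543210fedcba9876543210:::",
    "carol:1008:0123456789abcdeffedcba9876543210:00112233445566778899aabbccddeeff:::",
    "not a pwdump line",
]

if __name__ == "__main__":
    for user, verdict in audit(SAMPLE).items():
        print(f"{user}: {verdict}")
```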