Cracking scripts
spyware wrote: Downsides of bruteforce:
*Login may be deactivated after a number of failed login attempts. *Huge, fucking logfile. *Might DoS a fragile system if you don't configure your attack properly. *Takes a long time.
=O can a simple bruteforce DoS a system :|
hmm the first 2 points are what worries me, especially the logfile part :P but honestly from what I've seen, some routers has port 23 open with password set to: password, admin or nothing.
There is no way to bypass the logfile process right? :/
Demons Halo wrote: [quote]spyware wrote: Downsides of bruteforce:
*Login may be deactivated after a number of failed login attempts. *Huge, fucking logfile. *Might DoS a fragile system if you don't configure your attack properly. *Takes a long time.
=O can a simple bruteforce DoS a system :|
There is no way to bypass the logfile process right? :/ [/quote]
1st: Yes (YOUR system) 2nd: No (can delete logs if you get logged in, but by then admin sure too notice.
1st: Yes (YOUR system) 2nd: No (can delete logs if you get logged in, but by then admin sure too notice.
1st: :| didn't know simple bruteforce could result such a powerful DoS attack :| 2nd: ah just like I thought :P
spyware wrote: How about you go get a router, and read up on Firmware hacking/reverse engineering, and generally mess around/learn.
Bruteforce attacks are usually only used as a last resort.
Sounds like a nice summer project thingy xD The bruteforce idea just hit me so I thought I might as well ask. You see the kind of routers I've just installed is used by many ISP as a standard device (SpeedTouch/THOMSON), so a lot of ppl use that already, a simple bruteforce should be enough to crack through it. Although you're right… Bruteforce should be used as a last resort :/
spyware wrote: How about you go get a router, and read up on Firmware hacking/reverse engineering, and generally mess around/learn.
Bruteforce attacks are usually only used as a last resort.
+1 Bruteforce could take hours, days, weeks. And unless you have a super computer, it may not work at all. Bruteforce is as spy said a last resort.
Erm… to fix the logs problem, couldn't you run the script through a proxy? I know it's not total security, but I'm sure if you run it through a couple the admin might get confused :P
And this might be a noob question, but can you DoS someone's PC? I tried making a batch file to DoS myself once (at computer camp our teachers coul remotely control our desktop, wanted to stop my internet so they wouldn't be able to do so.) but it sorta didn't work out.
ranma wrote: Erm… to fix the logs problem, couldn't you run the script through a proxy? I know it's not total security, but I'm sure if you run it through a couple the admin might get confused :P
And this might be a noob question, but can you DoS someone's PC? I tried making a batch file to DoS myself once (at computer camp our teachers coul remotely control our desktop, wanted to stop my internet so they wouldn't be able to do so.) but it sorta didn't work out.
Proxy wouldn't work no, too slow for bruteforcing? BUT I know something that would work though :o Public networks ;) MC, libraries, universities, E-cafe etc. That leaves us with one simple problem, most of the routers around kicks you in case you try to log into the same acct too many times. As far as I know, you can't work yourself around that :/
DoS yourself won't work :P
ranma wrote: Dang. Why wouldn't self-DoS work? I mean the actual reason.
I don't have any evidence to back this up with and I might even be wrong, but when I think about it it seems like a machine can't DoS itself that easily.
Let's say I create a script that sends a request 100 times to this same local machine. After some requests are received, the machine will become slower, since it's constantly using the same operation again and again and again –> the machines uses the resources it has in order to catch up to all these requests –> the request sending part will slow down since the "processing power" will be divided between the 2 applications (the sending and the receiving)
can someone comfirm this?? :P an explanation of how DoS works would be nice =D and yes I've googled it, yet still I want to know more :P…
Ok, Moshbat, I see your point. But if you get all computers in your network to ping you, would that work? @spy - will do