Hacking an ftp.

I want to try and brute force my own ftp server just to see how good my password is and if an average application can crack it. Do you have any software for windows / Linux that you would recomend to do this??

Many Thanks

Hakster

;)

if you want to test how good your passowrd is, then just make it over 6 characters long with random letters and numbers.

i think thats just a tad easier than brute forcing it…

if you really want a brute forcer coz your a pathetic SK.. then… www.fuckinggoogleit.com

Generally the longer the password the better. Also, don't use words, names, or any numbers that relate to you. Use upper and lower case letters, number, and symbols. Make sure that you have the numbers and symbols in the middle of the password not just at the beginning or the end. A good minimum these days is 8 characters.

Thanks metsoc30, I found a brute forcer that works and it cracked my numeric password in like 2 mins ive know changed it to an alphanumeric password with symbols in the middle and left the cracker going for 2 hours and still hasnt cracked it.

Hakster:)

Get DC++ to search things, use skills/knowledge to get in

Greetz, Xyng

people you're forgetting one of the most important bits make sure oyu don't need to rihght the password down to remember i etc. coz thats never happened to me or anyting :$

translation pls… :)

HeheHe, everyone says making have numbers letters not dictionary, sprinkles on top etc. but you have to make sure you wont forget it!

if you want a really good password you can use this script:

NOTE: i did NOT write this! i got it from [url] http://www.insecure.org/stc/sti.html[/url]. i take absolutley NO credit for this in anyway. all props go to the original author:

#!/usr/bin/perl
use strict;
use warnings;
 
# All printable ascii characters
my @chars = (32..126);
my $num_chars = @chars;
 
# Passwords must be 50 chars long, unless specified otherwise
my $length=$ARGV[0] || 50;
 
while (1) {
        my $password;
        foreach (1..$length) {
                $password .= chr($chars[int(rand($num_chars))]);
        }
 
        # Password must have lower, upper, numeric, and 'other'
        if (    $password =~ /[a-z]/
            and $password =~ /[A-Z]/
            and $password =~ /[0-9]/
            and $password =~ /[^a-zA-Z0-9]/ ) {
                print $password, "\n";
                exit;
        }
}

some output from the script:

[n3w7yp3@localhost crypto]$ ./rand-pass.pl 15
OGNEP,8}_\5i[(I
[n3w7yp3@localhost crypto]$

heh, no way is hydra gonna break something like that ;)

"heh, no way is hydra gonna break something like that" – nor are you gonna be able to remember something like that very easily.

metsoc30: actually, i have a near photographic memory when it comes to things like passwords…

Key word "near" only have to forget one.

I would say if you really wanted a brute force then google crack whore. Its been around a lil bit longer and has been pretty decent. I hope you know depending on your password and how good of a computer you have, this may take 2-8 hours maybe depending on the variables. :)