This topic contains 1 reply, has 2 voices, and was last updated by Sugoypotato 1 month, 2 weeks ago.
- August 9, 2020 at 9:29 pm #292916
So I have a pcap file that I downloaded, and my goal is to find the password used (for school, not real hacking, don’t worry). I see a bunch of FTP packets transmitted and followed the TCP stream. This was the output:
220 Microsoft FTP Service
331 Anonymous access allowed, send identity (e-mail name) as password.
230-XYZCOMPANY.COM FTP SITE
230 Anonymous user logged in.
200 Type set to I.
200 PORT command successful.
150 Opening BINARY mode data connection for fgdump.exe.
226 Transfer complete.
221 See you later
So I can’t see the password. This user used their access to pass a bunch of malicious executables through. How do I get the password (only the goal of the project) if it is blank? I see it says to use email name as password, but I don’t see any emails names in the rest of the stream.
Thank you for the help, I am just beginning and learning new things everyday.
- August 9, 2020 at 9:32 pm #292917
Read ftp RFC (to find out how the password exchange protocol works, whats gets sent first and stuffs like that)
Literally try to grep password/pass
You must be logged in to reply to this topic.