This article is about the sshprank tool, which is a fast network scanner looking for SSH servers. The program searches for computers running SSH and tries to log in using the specified credentials, that is, it performs automated brute-force attack. Also, the program is able to very quickly grab bannersRead More
How to reset MySQL or MariaDB root password on Windows
The root password is set during the installation of the DBMS. If the installation was done manually, that is, without an installer, as described, for example, in this article, then the password may not be set at all. If you use any ready-made assemblies that include MySQL/MariaDB, then ask forRead More
RDP Security Audit
Table of contents 1. How to discover computers with Remote Desktop Protocol (RDP) 1.1 Search of RDP open ports 1.2 Connection with standard utilities 2. Brute Force RDP 2.1 crowbar (levye) 2.2 patator 2.3 rdesktop-brute 3. Collection of information about RDP and through RDP 3.1 rdp-sec-check to get RDP serviceRead More
lulzbuster: a tool for quick enumeration of hidden files and folders on sites
Almost every site has files and folders that no links lead to. Among them, very interesting ones may come across, for example, forgotten backup copies of a database or site, phpMyAdmin, entries in administrative panels and other pages that are not intended for general access. Several articles have already beenRead More
Revealing the perimeter (CASE)
Today we are picking a server that distributes unwanted software and is the cause of spam. Webmasters will immediately understand the phrase “downgrade traffic” – this is when, instead of linking to a file, you are prompted to download an executable (.exe) file, after which you get an additional halfRead More
How to connect to Windows remote desktop from Linux
RDP (Remote Desktop Protocol) clients exist for many platforms, even for mobile phones, of course, there are RDP clients for Linux as well We will look at 2 RDP clients for Linux freerdp is a free implementation of the Remote Desktop Protocol (RDP) rdesktop is an open source client forRead More
How to install and configure RDP server on Linux
How to install an RDP server on Linux The Remote Desktop Protocol (RDP) Server can run on Windows and Linux as well. As a result, you can connect to Linux using the RDP protocol. On Linux, the RDP protocol is not integrated by default as on Windows. Also, Linux doesRead More
How to find out the exact location of users
How to find out where a person is This article will show how to use social engineering to find out the user's exact location. This will be important for those who want to protect themselves from such attacks – you will see what absolutely can not be done on unreliableRead More
How to download files from servers
This is a small cheat sheet on how to copy files from an already compromised system. Typical situations: remote code execution vulnerability is found on the website brute-forced user credentials that allow you to connect via SSH I will list several ways how to copy a file from the server,Read More
How to make a local web server accessible from the Internet without a white IP
Performing social engineering attacks requires a web server on which a site or a page is served that tries to outwit the user and make him enter certain data or perform some action. This phishing web server must be accessible from the Internet, and this requires a public IP. ManyRead More