Cracking FTP login using custom wordlist
In this recipe, we will how to FTP to find a valid login. We will make use of the list generated in the preceding information-gathering recipe.
Getting ready
For this recipe, we will make use of a tool named Hydra. It is a parallelized login cracker that supports numerous attack protocols. There are many tools available in Kali Linux for cracking passwords; however, Hydra is very handy. Now that we have Hydra and the username list, let's begin the attack.
How to do it...
- Knowing that our username list is called
username
, ensure that terminal points to the path where the username file is. We will run the following command in the terminal:
hydra -e nsr -L username <IP address> ftp
The output will be as shown in the following screenshot:
- Check to see if the credentials received are working:
We connect to the FTP as shown in the following screenshot:
We have successfully found valid credentials and attained the logins of potential users of the...