Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 17:03

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 13 posts ] 
Author Message
 Post subject: Ventrilofp
PostPosted: 11 Jun 2010 00:58 

Joined: 11 Jun 2010 00:56
Posts: 2
I feel like a noob asking but what ever.
I dont know how to use the ventrilofp brute force to figure out an admin password to a certain ventrilo server.
If someone would like to help me that is greatly appreciated. i cant really find any tutorials or something.


Top
 Profile  
 
 
 Post subject: Re: Ventrilofp
PostPosted: 11 Jun 2010 22:41 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
it is cmd tool, you must learn how to use cmd first, before using cmd based tools.


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 13 Jun 2010 08:05 

Joined: 16 Aug 2007 06:25
Posts: 367
Run the program in command line like so: ventrilofp -b help

Should give you some examples/tips on how to use the tool to brute force


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 13 Jun 2010 22:45 

Joined: 11 Jun 2010 00:56
Posts: 2
Thank you i now understand how to use some of the options but can someone tell me the command to find the admin password to my server for a test ex. ventrilofp -b 10 az or w.e


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 14 Jun 2010 15:42 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
ventrilofp -b azAZ09 SERVER:PORT

obviously don't expect really to find it because depending by various factors (strenght of password and version of the server) it's impossible


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 18 Jun 2010 09:09 

Joined: 09 Apr 2008 08:06
Posts: 66
Location: USA
Actually aluigi not impossible unlike the older version of ventrilo you could easily brute force the rcon, now they have it so being wrong you bang get kicked instantly so doesn't work. BUT for brute forcing an admin account to gain control is another way that I figured out only problem is while doing so the brute force will timeout/quit working properly and well idk give up some how. And well what you do is you take the username use that for your login to use then brute force for the password to the server making it brute force not really the password for the server but the password to the persons account. IDK if that made any sense I sure hope so I just dont know for sure how else to explain it lol.


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 18 Jun 2010 10:03 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
yeah but as any "brute forcing" attack it's a bad thing due to the usual (at least) 2 problems that affect it: time and uncertain results


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 20 Jun 2010 23:54 

Joined: 09 Apr 2008 08:06
Posts: 66
Location: USA
true very true, yea was just letting you know that it isn't at all impossible as long as the password is well like one of the first 200-800 words in pw list then it may find it, because after a while like I said it would timeout for some odd reason and you would have to start it over. But yea pretty easy finding out admin logins or if the person with the A flag is signed in with rcon just right click on view then check guest tags.


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 06 Jul 2010 04:16 

Joined: 06 Jul 2010 04:13
Posts: 2
DeFRaG wrote:
true very true, yea was just letting you know that it isn't at all impossible as long as the password is well like one of the first 200-800 words in pw list then it may find it, because after a while like I said it would timeout for some odd reason and you would have to start it over. But yea pretty easy finding out admin logins or if the person with the A flag is signed in with rcon just right click on view then check guest tags.

you know defrag im still waiting on you to hack my ventrilo server since your not supposed to be a skid. lol simjunkies still thinks its funny you used a public tool to delete a few channels


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 10 Jul 2010 20:08 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
brute forcing is always impossible against professionals, however it usually works on noobs, who use a simple word as password, but if person has even little bit of the thing that is inside of skull, called brain, then it is impossible. password like "paS5word@server" is very easy to remember, but no wordlist will crack it, maybe my wordlists will do it, wordlists that i have perfected for like 5 years, manually made and crack rate higher than 85%. however it is about 400mb and going thru this big wordlist remotely, will take months. other option would be to use a tool that supports some kind of flexibility, like taking word from wordlist and changing it in some ways, like Cain and PasswordsPro can do, but Luigi does not write tools that are specifically meant to hack into other ppls servers, he makes PoCs only.

@silentkiller go away.


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 21 Jul 2010 07:43 

Joined: 06 Jul 2010 04:13
Posts: 2
Sethioz wrote:
brute forcing is always impossible against professionals, however it usually works on noobs, who use a simple word as password, but if person has even little bit of the thing that is inside of skull, called brain, then it is impossible. password like "paS5word@server" is very easy to remember, but no wordlist will crack it, maybe my wordlists will do it, wordlists that i have perfected for like 5 years, manually made and crack rate higher than 85%. however it is about 400mb and going thru this big wordlist remotely, will take months. other option would be to use a tool that supports some kind of flexibility, like taking word from wordlist and changing it in some ways, like Cain and PasswordsPro can do, but Luigi does not write tools that are specifically meant to hack into other ppls servers, he makes PoCs only.

@silentkiller go away.


How about I not? Im sorry for trolling a troll who thought he had some hacking skills and got raged when I told him exactly what he was using.


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 24 Jul 2010 19:32 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
I think you are confusing this forum with some forum where they care about your whining. you only show your low IQ, by going offtopic just to call somebody a noob is worse than using tools to crash and mess up servers.


Top
 Profile  
 
 Post subject: Re: Ventrilofp
PostPosted: 24 Jul 2010 23:11 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
stop the flame here, if both of you have something to say tell it via PM


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 13 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: