Hackers For Charity
BSides San Antonio
GHDB
GHDB
|
Google Search: “index of/” “ws_ftp.ini” “parent directory”
blackasinc rates this entry 8 out of 10. Submitted: 2004-09-17 00:00:00 Added by: blackasinc Hits: 38893 Score: 8 This search is a cleanup of a previous entry by J0hnny. It uses “parent directory” to avoid results other than directory listings.WS_FTP.ini is a configuration file for a popular win32 FTP client that stores usernames and weakly encoded passwords. There is another way to find this file, that was added by Xewan:filetype:ini ws_ftp pwdIn our experience it’s good to try both methods, as the results will differ quite a bit. Comments: 2004-10-27 06:35:51 (servus): 2004-11-11 14:16:48 (Anonymous): 2004-11-21 12:46:48 (digital01): thanks, you get some very interesting stuff. 2004-12-19 00:05:13 (mrc0de): this is really cool but how the hell am i sposed to get the password lol. I suppose i could install ws_ftp… 2005-03-01 05:25:21 (peleos): Nice, but the better way to find passwd is type this string: filetype:ini ws_ftp pwd 2005-04-24 09:44:35 (nokia8210): Guys, i have a problem! The logins in the file are open but the passwords as you said are encoded. What utility or program should i use to encode them ? Thanks for help 2005-06-20 05:51:44 (Dempsey): Not sure if it works but I found this WS_FTP Password decoder 2005-07-01 12:07:08 (Anonymous): there is no need for a WS_FTP password decoder. They don’t work well with all the passwords. You can use ws_ftp itself to decode the password. Take the ws_ftp file you found. if you find a PWD=, this means that this is a valid password. Now change the UID corresponding to this PWD to anonymous, and load the file to WS_FTP. You’ll have the password in clear text 2005-08-31 08:21:47 (Anonymous): I still can not decode the password.Please help me 2005-10-01 05:15:44 (sasho): Its a bit late to say this but anyway ill comment,nice stuff, and u decreypt the passwords use this link : http://www.hispasec.com/directorio/laboratorio/Software/ws_ftp.html 2006-01-05 23:03:21 (t3hsp00n): http://www.tele-pro.co.uk/software/ws_ftp_pass/decode.htm There is another one. meh, I just like knowing passwords, never use them for bad or good, infact I don’t use them at all ;). 2006-10-27 07:03:08 (kayceeclue): I have Learned somethign new today but i will like to know how i can get in to the ftp accounts 2006-11-25 23:04:06 (Brandon252): I’m able to decode the password and find the username, but everytime I enter both of them, it says incorrect user/pass or login incorrect. I’ve tried it with over 100 hosts and about 70 or 80 different sources. Apparently I’m doing something wrong or the accounts are no longer active? |
Does GHDB still updates for now?
The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.
Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???
The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!
Is any offline view-able resources is available of this product ?