Password only in ncftp bookmarks and encrypted

Password only in ncftp bookmarks and encrypted: Posted by Doug Laidlaw on December 1st, 2003; I am the Webmaster of a club Web site. The only place I still have the
password is in my NCFTP bookmarks. This means that I can still use ncftp,
but nothing else. How can I access it there?

(Yes, I know, I might be wanting to hack the site ...)

Doug.
--
Registered Linux User No. 277548.
They say lightning never strikes twice in the same place. My typing is
about as accurate. Apologies for any typos that slip in. - Doug.; Posted by Alan Connor on December 1st, 2003; On Mon, 01 Dec 2003 12:29:51 +1100, Doug Laidlaw <laidlaws@myaccess.com.au> wrote:
For what else would you need the ftp password for? Ncftp does everthing
but wash the dishes?

Yes, Doug, is sounds suspicious as hell. I mean, obviously, you need to
contact the folks at ncftp. And they are going to ask for the same proof
that you are actually the webmaster that I am.

You need to at least post the URL for the site, which would allow us to
see whether you were the webmaster there or not. And respond to a mail
to webmaster@whatever.com.

Wouldn't YOU want that same sort of protection? Anyone can put any name
on the From: line in a Usenet post, and get a mailbox with that address.

AC; Posted by Doug Laidlaw on December 1st, 2003; Alan Connor wrote:

Fair comment, but I do my Web design with EasyHTML in Windoze (my version is
pretty outdated, but I have got used to it and am most comfortable with
it,) and it is logical to use ws_ftp. Also, I have lost in a crash (no, it
wasn't a crash - it was a failure by Windoze' msbackup to restore after an
umpteenth reinstall) all my other records of it, so everything depends on
Murphy not finding this one file. I can get it easily from the site
administrator, but I am in Bendigo and need to get a letter of authority
from the club in Swan Hill. I am stuck with being Webmaster because I am
the only one who can do it. The URL is http://home.vicnet.net.au/~shlions/
.. If you click on my name on the page, it will take you to a feedback form.
I have tried to keep my email address hidden. The site was formerly at
http://www.iinet.net.au/~tomlai1/lions.htm, but that is now a link to the
VicNet page. My own home page is at http://www.iinet.net.au/~tomlai1/ with
a not-too-recent photo.

Doug.
--
Registered Linux User No. 277548.
They say lightning never strikes twice in the same place. My typing is
about as accurate. Apologies for any typos that slip in. - Doug.; Posted by Mark Hill on December 1st, 2003; On Mon, 01 Dec 2003 12:29:51 +1100,
Doug Laidlaw <laidlaws@myaccess.com.au> wrote:
A quick google brings up CrackerNcftp.c, which seems to do what you
want. The comments are in Portugese though, so it's pretty hard to work
out its exact usage. (Also, I've no idea how safe this code is, so
caveat emptor).

--
Mark Hill <usenet@mark.ukfsn.org> (Yahoo address not read)
GPG KeyID: 4A3B58AC; Posted by Alan Connor on December 1st, 2003; On Mon, 01 Dec 2003 14:24:23 +1100, Doug Laidlaw <laidlaws@myaccess.com.au> wrote:
If it were me, I'd use ethereal, or another packet sniffer, to capture it
as it was being sent to the website when I ran ncftp.

This is really the only advice anyone should, or probably can, give you,
besides contacting ncftp.

I'd be careful about those webforms, Doug. A lot of people, myself included,
don't do interactive webpages at all, (I "surf" with wget and other tools),
and especially don't like web mail forms, because they are one-sided: You
don't have a copy on your own system, with the logs to back it up, so can't
even prove you mailed the letter, and have to give your own email address
to the site.

I am dropping earthlink for this very reason. I don't give out my email
address to anyone who won't give me theirs in return. Earthlink no longer
accepts plain email and so we part company.

AC; Posted by Doug Laidlaw on December 1st, 2003; Alan Connor wrote:

"web obfuscator" on Freshmeat.net, but I am not sure about how to integrate
them into a form. I have downloaded some instructions on doing it
server-side with the ISP'd Sendmail. As far as anonymity goes, I am being
swamped already. My address is probably on the lists that go around.

BTW, just after I "pressed the button" I realized that the photo is on my
legal pages - I am a retired lawyer.

Doug.
--
Registered Linux User No. 277548.
They say lightning never strikes twice in the same place. My typing is
about as accurate. Apologies for any typos that slip in. - Doug.; Posted by Doug Laidlaw on December 1st, 2003; Doug Laidlaw wrote:

<GROAN> I posted the letter to the Club tonight, and I have just found the
email. It wasn't from the site, but from the State Library of Victoria,
which is behind it. Oh well, it is a general authority, which they said
would be a good idea anyway.

Doug.
--
Registered Linux User No. 277548.
They say lightning never strikes twice in the same place. My typing is
about as accurate. Apologies for any typos that slip in. - Doug.; Posted by tigervamp on December 3rd, 2003; On Mon, 01 Dec 2003 12:39:31 -0500, Doug Laidlaw wrote:

Doug, If you haven't yet figured this one out try the following ( I'll
spare you the interrogative BS).

From a terminal screen/window on the machine with the ncftp, run the
following command as root:

tethereal port ftp | grep PASS

then have your ncftp program log into your ftp site. The password should
pop right up for you in the terminal in which you ran the above command,
it should immediately follow "PASS " in the output.

You can find tethereal at http://www.ethereal.com/ if you don't already
have it.

This doesn't sound very suspicious to me. This happens very often when
people rely on programs that save passwords for them. Anyway, he already
has the password saved and has access to the FTP site anyway.

I wouldn't contact the "folks at ncftp". It is not the authors'
responsibility to help users recover forgotten passwords, that is better
directed at places like this. I doubt they (or anyone else) would ask for
proof of anything considering FTP is plain text and it is incredibly
trivial to recover such a saved password.

Um, right...

The rest of your post is way off-topic, which is ironic considering how
you like to lecture people about netiquette.

Rob Gamble; Posted by Alan Connor on December 3rd, 2003; On Wed, 03 Dec 2003 00:38:22 -0500, tigervamp <rob_gamble99@hotmail.com> wrote:
<snip>

Thanks for the tethereal tip. It's a related topic and obviously not trolling.
So you're wrong about it being a netiquette violation.
Your second statement is completely erroneous: I don't lecture anyone. A
half page of related info that they don't even have to read, is not lecturing
and I don't like doing it. But the Usenet has to be self-policing or it
would seriously deteriorate.

Thanks to assholes like you that gratuitiously and maliciously insult
people with nor real justification for doing so. All criminals hate
cops don't they?

Tough shit. And if I see many more posts like this from you, you will get
a half-page explaining just why I have killfiled you for N days.

AC; Posted by Alan Connor on December 3rd, 2003; On Wed, 03 Dec 2003 00:38:22 -0500, tigervamp <rob_gamble99@hotmail.com> wrote:

<snip>

I found that this works better:

# tethereal -i interface -w file

then:

# strings file | less

Then just delete the file.

Good to have it to look over carefully, and twice if you need to,
rather than just have it scroll by once.

But I wouldn't have got there without your pointer.

AC; Posted by tigervamp on December 3rd, 2003; On Wed, 03 Dec 2003 01:58:59 -0500, Alan Connor wrote:

Your welcome for the tip. I am just starting to get tired of the abusive
posts that I keep reading by you in this group and others. You meet
criticism with profanity and threats, often the hostility towards you is
imagined. You need to calm down a little and be more thick skinned, you
don't have to try and cut someone down everytime they don't agree with you
or appreciate your input. I think you'll get alot further in this world if
you take this approach and it will certainly be more of a benefit to those
we are suppossed to be trying to help.

Your behavior here makes my point.
I am not a criminal and I don't hate you or the cops. But I think you can
do a better job here and I am bringing it to your attention because usenet
is self-policing. Don't get all whacked out of shape reading this, I am
just trying to help, like everyone else. This is not meant to be
malicious, I don't have anything against you, but your behavior sometimes
is very unhelpful. Hopefully you can recognize this and improve.

Rob Gamble; Posted by tigervamp on December 3rd, 2003; On Wed, 03 Dec 2003 03:28:54 -0500, Alan Connor wrote:

How does this work better? It is 3 times the work and the output contains
alot more than just one line with the password. In fact it could be
considerably more since you are not filtering out unnecessary traffic like
I did in my example.

Rob Gamble; Posted by Alan Connor on December 3rd, 2003; On Wed, 03 Dec 2003 09:05:43 -0500, tigervamp <rob_gamble99@hotmail.com> wrote:
I use ed for my pager, troll. Unless someone has proven the worth of their
posts, I read them one line at a time.

That abusive line just got the rest of your post deleted unseen.

One more and I killfile you for 90 days. You have NO way to make me read

more than one line of your childish and utterly predictable posts.

Obviously, I am ignoring your other message.

AC

+1,$d

Similar Posts

cannot access encrypted files after password change (Security & Administration) by Bob C
Forgot logon password so changed it now can't get into encrypted f (Security & Administration) by The Grotto UK
VPN via pptp using encrypted password (Windows CE) by Simon Leung
keyword search w/in password (encrypted) files (Windows NT) by Robin W.
OS2 ftp server and ncftp recursion (IBM OS/2 Warp) by Mark Healey