Ventrilofp

Acidburn13 · **Joined:** 11 Jun 2010 00:56 **Posts:** 2

I feel like a noob asking but what ever.
I dont know how to use the ventrilofp brute force to figure out an admin password to a certain ventrilo server.
If someone would like to help me that is greatly appreciated. i cant really find any tutorials or something.

Sethioz · **Posted:** 11 Jun 2010 22:41

it is cmd tool, you must learn how to use cmd first, before using cmd based tools.

SomaFM · **Joined:** 16 Aug 2007 06:25 **Posts:** 367

Run the program in command line like so: ventrilofp -b help

Should give you some examples/tips on how to use the tool to brute force

Acidburn13 · **Joined:** 11 Jun 2010 00:56 **Posts:** 2

Thank you i now understand how to use some of the options but can someone tell me the command to find the admin password to my server for a test ex. ventrilofp -b 10 az or w.e

aluigi · **Posted:** 14 Jun 2010 15:42

ventrilofp -b azAZ09 SERVER:PORT

obviously don't expect really to find it because depending by various factors (strenght of password and version of the server) it's impossible

DeFRaG · **Posted:** 18 Jun 2010 09:09

Actually aluigi not impossible unlike the older version of ventrilo you could easily brute force the rcon, now they have it so being wrong you bang get kicked instantly so doesn't work. BUT for brute forcing an admin account to gain control is another way that I figured out only problem is while doing so the brute force will timeout/quit working properly and well idk give up some how. And well what you do is you take the username use that for your login to use then brute force for the password to the server making it brute force not really the password for the server but the password to the persons account. IDK if that made any sense I sure hope so I just dont know for sure how else to explain it lol.

aluigi · **Posted:** 18 Jun 2010 10:03

yeah but as any "brute forcing" attack it's a bad thing due to the usual (at least) 2 problems that affect it: time and uncertain results

DeFRaG · **Posted:** 20 Jun 2010 23:54

true very true, yea was just letting you know that it isn't at all impossible as long as the password is well like one of the first 200-800 words in pw list then it may find it, because after a while like I said it would timeout for some odd reason and you would have to start it over. But yea pretty easy finding out admin logins or if the person with the A flag is signed in with rcon just right click on view then check guest tags.

silentkiller · **Joined:** 06 Jul 2010 04:13 **Posts:** 2

DeFRaG wrote:

true very true, yea was just letting you know that it isn't at all impossible as long as the password is well like one of the first 200-800 words in pw list then it may find it, because after a while like I said it would timeout for some odd reason and you would have to start it over. But yea pretty easy finding out admin logins or if the person with the A flag is signed in with rcon just right click on view then check guest tags.

you know defrag im still waiting on you to hack my ventrilo server since your not supposed to be a skid. lol simjunkies still thinks its funny you used a public tool to delete a few channels

Sethioz · **Posted:** 10 Jul 2010 20:08

brute forcing is always impossible against professionals, however it usually works on noobs, who use a simple word as password, but if person has even little bit of the thing that is inside of skull, called brain, then it is impossible. password like "paS5word@server" is very easy to remember, but no wordlist will crack it, maybe my wordlists will do it, wordlists that i have perfected for like 5 years, manually made and crack rate higher than 85%. however it is about 400mb and going thru this big wordlist remotely, will take months. other option would be to use a tool that supports some kind of flexibility, like taking word from wordlist and changing it in some ways, like Cain and PasswordsPro can do, but Luigi does not write tools that are specifically meant to hack into other ppls servers, he makes PoCs only.

@silentkiller go away.

silentkiller · **Joined:** 06 Jul 2010 04:13 **Posts:** 2

Sethioz wrote:

brute forcing is always impossible against professionals, however it usually works on noobs, who use a simple word as password, but if person has even little bit of the thing that is inside of skull, called brain, then it is impossible. password like "paS5word@server" is very easy to remember, but no wordlist will crack it, maybe my wordlists will do it, wordlists that i have perfected for like 5 years, manually made and crack rate higher than 85%. however it is about 400mb and going thru this big wordlist remotely, will take months. other option would be to use a tool that supports some kind of flexibility, like taking word from wordlist and changing it in some ways, like Cain and PasswordsPro can do, but Luigi does not write tools that are specifically meant to hack into other ppls servers, he makes PoCs only.

@silentkiller go away.

How about I not? Im sorry for trolling a troll who thought he had some hacking skills and got raged when I told him exactly what he was using.

Sethioz · **Posted:** 24 Jul 2010 19:32

I think you are confusing this forum with some forum where they care about your whining. you only show your low IQ, by going offtopic just to call somebody a noob is worse than using tools to crash and mess up servers.

aluigi · **Posted:** 24 Jul 2010 23:11

stop the flame here, if both of you have something to say tell it via PM

Luigi Auriemma

Ventrilofp