Find out what happened by analyzing a .pcap file and hack your way back into the machine.This is a beginner's friendly room and can be found here:
The attacker is trying to log into a specific service. What service is this?
Open WireShark and notice that service which the attacker is trying to login in to is FTP.Now do the following to the the username and password asked in later questions.Select the first FTP packet->right click, Follow->TCP Stream.
There is a very popular tool by Van Hauser which can be used to brute force a series of services. What is the name of this tool?
Hydra
The attacker is trying to log on with a specific username. What is the username?
Answered above
What is the user’s password?
Answered above
What is the current FTP working directory after the attacker logged in?
Clear the filter which was applied earlier and got to packet number 401 which is just after the successful FTP login.This packet will show the current FTP working…
