How do Hackers do to Hack a VPS server that works with VNC or RDP to have full control of the server ? We reveal one of their techniques in our article !
Hack a VPS server under VNC or RDP :
Hack a VPS server (or Hack) a VPS under VNC or RDP is not an easy thing to do, today we will reveal to you a technique used by some “Hackers”,
which allows them to take full control (hack into a VPS or VNC) on the server.
This hacking method also works on RDP (Remote Desktop of Windows), to hack into Windows servers, sessions….
Before you start :
This guide is for educational purposes only, never try to reproduce this “method”,
unless you want big problems with the justice system in your country, it’s illegal, it’s called theft!
At the end of our educational guide, we explain a way to avoid this kind of incident, no one
will not be able to access or send a Ping request on your server, so you will be out of danger, against this dishonest method !
Hack a VPS server, how do they do it ?
Before you start reading read about what a VPS (Virtual Private Server) is : What is a VPS Server (or Virtual Dedicated Server) ?
To summarize very briefly the method, the person who wants to steal VPS servers that are accessible by,
VNC (Virtual Network Computing – software that allows you to remotely manage your servers),
will scan using a tool, a row of IP addresses with port 3389 (VNC connection port).
Once the servers are found and corresponding to the use of VNC, an attack by Bruteforce is,
then practiced, like most people who use very simple passwords,
so it’s very simple for these thieves!
The correct password found, so the server is in the hands of the malandrine !
The hacking method for gain access on a VPS under VNC or RDP :
First of all, the pirate equips himself with utility software, these are the following:
The utility that will scan the IP address ranges to find VNC servers KportScan and the last utility Dubrute that will allow the Brute-force method to be used on the vulnerable machine, you can download the pack of both utilities by clicking on the button below, the archive password will be “thankyou” without the quotation marks :
Once these utilities are in his possession, the hacker will first find an IP address row that corresponds to the desired country, thanks to this site :
He will choose the desired country by selecting the IP Range option :
Once this is done, the IP address blocks appear, so it will select the block that corresponds to it :
After that, it starts the utility that scans IP addresses by clicking on Load ranges to add its block (s) of IP addresses :
It selects the number of Threads (requests) with the VNC port (3389) and starts the Scan :
Once finished, it just needs to save its findings using the same utility in a text file, which it will re-import into Dubrute :
And finally it configures the attack by Brute-Force, selecting the number of threads :
Once he has clicked on “OK”, the attack will be launched on the targeted machines, if the hacker is good, he will launch the attacks on a VPS server that he will own (or not).
It will also use, for example, a file containing the possible passwords :
How to protect yourself from VPS Hacking ?
Simply by using an iptables variable.
This Linux kernel firewall will protect you by using this variable,
it will only allow your IP addresses to connect or send a PING request to your server :
sudo iptables -I INPUT -p tcp -s IPADRESSEOFYOURSERVER –dport 5901 -j ACCEPT
sudo iptables -A INPUT -p tcp -s 0.0.0.0.0/0 –dport 5901 -j DROP
This guide is finished, share it and support us, so we can continue to share!
Thank you very much for your reading and respect the laws of your country.
See also our article : Cheap VPS server with high security !