Friday, 27 August 2010

How to crack a website

So you want to know how to crack your way into a website....

OK... First let's look at some facts of the matter...

#1 You cannot enter a website by cracking into it without having a valid combination of username and password. No matter how hard you try, if you don't have a user/pass in your wordlist that is in the website's password file, it will not work.

#2 You should use proxies. Duh... Proxies keep you anonymous by passing your HTTP data through them, and then they are the ones who submit the data and do it using their IP addy instead of your own. NO PROXY IS ANONYMOUS UNLESS YOU CONTROL IT! Almost all proxies log the transactions they run, so all it takes is a government to subpoena the owner and get the data.

#3 You should use software. By far the easiest software to use is Access Diver. Why is it the easiest? You can leech wordlists, leech proxies and use it to do the actual cracking. It's like a Bowflex for cracking passwords...

That out of the way, let's get down to it...

What is a wordlist and why do I need it? We are going to bruteforce the targets because, by nature, it is faster than hand typing. Access Diver is an excellent BF'er. It will try anywhere from 8,000 - 100,000 combos per hour. Depending on how fast your connection is, how fast the target's connection is, and how fast the proxies are, your mileage may vary. A wordlist is a compiled list of past known good combos used by real people on websites. We prefer refined lists, where the websites the combos were good for are similar in genre to the websites we are attacking. Huh? In other words, having a list made of combos that were from mature websites isn't going to help us get into a teen niche site. But we are newbs, eh? So we will make a larger general purpose list.

First open AD and select My Skill - Expert. We are almost elite already! How many situations in life besides snow skiing let you pick your own skill level? Then click the History tab. It should be pretty darn empty. Now we leech like fuckers... But we have to start somewhere, so let's get to it. Visit many, many passboards looking for previously cracked passes. Prefer boards where people are posting them hundreds to thousands per post, or where the admin compiles them daily into such large numbers. We want them in the HTTP standard basic authentication format. What?

Like this:

http:// login : pass directory/

We copy them to the clipboard after selecting them with the mouse, and then in AD we can press Shift+F2 or right click and import from clipboard... After hunting down say 20,000 such passwords we want to get some proxies.

Clicking on the Proxy tab and then the WEB proxy leecher sub tab we add in some proxy sites: ... list/?ap=2 ... list/?ap=1 ... list/?ap=3 ... list/?ap=4 ... list/?ap=5 ... list/?ap=6 ... list/?ap=7 ... list/?ap=8 ... list/?ap=9

Save that to a file named extraction.txt and load it with the folder icon into AD. One of the things I really like about AD is that if you use Windows, this thing is almost completely self explanatory. The author made it with certain standard icons so you could know how most of the thing works just by looking at it. If you need hints about something before you press it, just hold your mouse cursor over it and it will pop up a little explanation.

Now all of the imported URLs should have a check in the box next to them. If not, click the little check box icon on the left bar menu. Put the number 20 in the little black box towards the bottom and click the start button. When it is done, click the "add these proxies in" button on the right middle and select to add them to the analyzer.

Now click the proxy analyzer subtab, right click a proxy and select all, right click again and select remove duplicates, then right click once more and select remove gov't and dangerous proxies. Then in the top two black boxes with numbers in them, make them 80 and 40. If you are on a modem, you can change them to smaller numbers if you keep getting timeouts. Towards the bottom you have a few more tabs; click the proxy judge tab and select the one that matches:

Then on the special tab make sure it is set for the last option (basic authentication) and finally for parameters, don't check anything off for now.

In the very top is a green long text box with server next to it. Put:
into it. We use this server because it is their old one and no one else uses it so it is fast. Also it is before they used any kind of protection to block multiple failed login attempts and we want as many good proxies as we can get.

Click the Speed and Accuracy button at the top next to the box you put 80 into and wait for it to finish. When it is done, click the heading for the column labeled Accuracy and it will sort them by what happened. Scroll down to the Timed Out ones and select them (click the first so it is selected, scroll to the last, hold the left Shift key down and select the last one; they should all be selected (welcome to Windows 101)). Then click the Speed/Accuracy button again and let it check them again. When done, click the Delay column header and it sorts them by speed. Scroll up and select the first one with no speed number, then down to the last one without a delay speed number, and select them. Now right click and delete the selection. Next click the Confidentiality tester button and wait for it to stop. Then click the Anonymous heading and sort them... Scroll down and select from the first Timed Out to the last Uncheckable. Click the Confidentiality tester button again and wait... Now sort by delay again and scroll up. Remove those without a delay number again. Now you have anonymous proxies... yeah.. Next right click and select "Make selected proxies your default proxy list". It should put you on the My List subtab.

Click the Use WEB proxies box. Then click the rotate proxies and put a 1 in the box.
Click change on 4xx/5xx
Click change on fakes
don't click on redirections
Click on specific words and put

Click retry user:pass
Click Don't use proxy after...
Don't click on Continue to use timedout proxies

Select Reactivate all proxies from the drop down menu.

Select the first proxy at the top of the list.

Go back to the History tab. Right click and select all. Put a 50 in the black box, or a smaller number if on slower connections (timeouts occur). Click the yellow arrow that looks like it is wrapped around something cylindrical.

When it is done you will have currently good passwords and bad passwords. Either way, we still want to export them to a list. Press Shift+F6 while they are all still selected and it will let us export only the logins (not the URLs) to a file to use as a wordlist. Once that is done, opening the file in Raptor is a good way to remove the duplicate logins and save it again. Now go to the Dictionary tab, click the middle button (Load a combo file) and load it. Now click on Standard at the top and it will try to crack the captainstabbin website. Just under the server text box is a slider to add or reduce bots. Try it on 25 and if it's going well (401 access denied is normal) set it to 40... Wait and enjoy your new life...
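From the other side of the wire, the run described above leaves a distinctive trace in the target's access log: a burst of 401s on one path, spread across many source IPs (the rotated proxy list) and many different Basic-auth usernames (the leeched combo file). The following detector is an added example written for this page, not code from Access Diver or from the original post; it parses combined-format log lines and flags a path when a sliding window holds that pattern. The thresholds, the log format, and the sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Combined-log line; the third field is the username sent in the HTTP Basic Authorization header.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3})')

def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None  # not a combined-format line
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec

def detect_credential_stuffing(lines, window=timedelta(minutes=5),
                               min_failures=20, min_ips=5, min_users=10):
    """Flag paths whose 401s inside one sliding window come from many IPs (rotated proxies)
    with many distinct usernames (a combo list). Returns {path: stats of the widest window}."""
    by_path = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["status"] == 401:
            by_path[rec["path"]].append(rec)
    alerts = {}
    for path, recs in by_path.items():
        recs.sort(key=lambda r: r["ts"])
        start, best = 0, None
        for end in range(len(recs)):
            while recs[end]["ts"] - recs[start]["ts"] > window:  # slide the window forward
                start += 1
            win = recs[start:end + 1]
            ips = {r["ip"] for r in win}
            users = {r["user"] for r in win}
            if (len(win) >= min_failures and len(ips) >= min_ips and len(users) >= min_users
                    and (best is None or len(win) > best["failures"])):
                best = {"failures": len(win), "ips": len(ips), "users": len(users)}
        if best:
            alerts[path] = best
    return alerts

# Constructed sample: 30 failed logins in 3 minutes rotating 6 IPs and 30 usernames,
# plus 3 successful requests from one real client that must not count.
BASE = datetime(2010, 8, 27, 10, 0, tzinfo=timezone.utc)
def _line(ip, user, secs, status):
    ts = (BASE + timedelta(seconds=secs)).strftime("%d/%b/%Y:%H:%M:%S %z")
    return f'{ip} - {user} [{ts}] "GET /members/ HTTP/1.1" {status} 381'
SAMPLE_LOG = [_line(f"198.51.100.{i % 6}", f"user{i}", 6 * i, 401) for i in range(30)]
SAMPLE_LOG += [_line("192.0.2.10", "alice", 7 * i, 200) for i in range(3)]
```

Tuning the three thresholds against normal traffic for the protected path is what keeps this from firing on a single user mistyping a password; a lockout or rate limit keyed on the username rather than the IP is the mitigation the proxy rotation above is designed to evade.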

If you are looking for an exciting place to crack, in the #ASP channel is a good place to start.

The Dream Is Not What You See In Sleep......Dream Is Which Does Not Let You Sleep

