Go Back   Xisp.org Forums > Porn Password Cracking > Porn Password Cracking Help Section

Hit ratios

Reply
Views: 2202 - Replies: 17  
Thread Tools Display Modes

Hit ratios
Old 02-21-2005, 06:09 PM   #1
barnabyuk
Guest
 
Posts: n/a
Threads: 5107
Default Hit ratios

I wonder if anyone can tell me a rough estimate of hit ratios to expect in Triton.

I tried Tigersam's 3,500 base url list by following the instructions in the informative tutorial by mosaic and (boo hoo!)...not a one.

If I am being stupidly dumb please be kind enough to break it to me gently.

I am not asking to be spoon fed... just a little crumb of comfort.

Thank you in advance and anticipation.
  Reply With Quote

Old 02-21-2005, 07:50 PM   #2
Snowdog
Guest
 
Posts: n/a
Threads: 5107
Talking

Removed because I'm an idiot.

SNOWDOG

Last edited by Snowdog; 02-21-2005 at 09:18 PM..
  Reply With Quote

Old 02-21-2005, 09:06 PM   #3
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

Sorry Snowdog, afraid you are not on track with what he is asking. Triton is a program to search for exploitable pathways, not a cracking tool.

Quote:
following the instructions in the informative tutorial by mosaic and (boo hoo!)...not a one.
First let me say be very careful with this. It is a good tutorial but it assumes you know how to protect yourself. If not you are heading for a world of trouble if you are not there already. Be prepared to tell your isp you must have a trojan or something. lol

Next question would be what paths are you using. I hope it is paths you understand and not just a generic list you found on the web. If it is the later toss it and forget you ever saw it.

Similar to the last question would be how many paths are you trying to run at once? I recommend one or two!!

Next is what keywords are you using? If you are using the post data that is VERY DANGEROUS! Again, better know what you are doing.

Answer these questions and I may be able to help you better.
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Slysnake
Old 02-23-2005, 12:37 PM   #4
barnabyuk
Guest
 
Posts: n/a
Threads: 5107
Default Slysnake

Slysnake... Thank you for your response to my question.

It was your introduction to exploiting which gave me the impetus to try it out.

I copied word for word and key press for key press, the instructions given in the tutorial by mosaic. (Exploiting basics)

It used one path and I used the basic url list provided by tigersam. I also used a list of proxies that I had drawn up using Gowhere. The keywords were the ones in the tutorial.

I take it that using the proxies will have covered my tracks?
  Reply With Quote

Old 02-23-2005, 07:26 PM   #5
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

Quote:
I take it that using the proxies will have covered my tracks?
Yeah, be sure they are tested in the usual way. Should be enough for add-pass. The /exit part of the post data is certainly helpful to use. Some .cgi exploits leave log entries you also need to clean, but not this one.


Some points for emphisis
Quote:
try scanning your url lists with a single exploit

there are other commands and uses for the add-passwd.cgi hole, but because of abuse. these holes are dying fast.


you can scan for /epoch/add-passwd.cgi using the same format.
add-pass.cgi is what we call a telnet hole. Means with it you will have access to the entire server. So from that standpoint it is very powerful and should only be given to people who have proven themselves trustworthy. Personally I have some rules that i expect. Rules are: Copy all you want but alter nothing. If you add password must be in the format of the site and added in a way not to be noticed. Clean up your footprints.

Unfortunately add-pass.cgi has been so abused by less than responsible people that it is pretty dead except in the crapiest sites that the webmaster is to lazy to fix even this giant hole.

Now I will say it is still out there. First on some few crappy, lame sites. Second In ALTERED FORMS!!! You see there is no reason this has to be called add-pass.cgi. Perhaps some site uses the same script just renamed it a little. So see if you can come up with some logical alterations of the path and use those as well.

While this is probably one of the best known .cgi exploits it is by no means the only one. There are tons. That's why cgi is one of the favorite exploit types.
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Old 02-23-2005, 07:28 PM   #6
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

@ toraz. Nope, Haven't started that tutorial yet. hehe
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Old 02-23-2005, 07:34 PM   #7
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default

Quote:
Originally Posted by slysnake
@ toraz. Nope, Haven't started that tutorial yet. hehe
?????
  Reply With Quote

Old 02-24-2005, 06:47 AM   #8
Jayman
Site Cracker
 
Jayman is offline Offline
Join Date: Jan 2005
Posts: 1,004
Threads: 104
Jayman is on a distinguished road
Default

Does bashing your putah count as a "Hit", if so, then mine's humungous :p
  Reply With Quote

Old 02-24-2005, 08:09 AM   #9
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

inside joke sPlico, toraz will get it.

Jayman, come on, You know you love your box.
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Old 02-24-2005, 09:13 AM   #10
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default

OMG. There's no inside jokes im not gona be in on!
What kind of a place are we running here if you people start having inside jokes and me not knowing about! It's proposterous and not gona happen!

If it were an inside hacking/cracking/passfile sharing thing, i can live with it, but there are NOT gona be jokes inside this forum i am not aware of!!!!!!!!


P.S
To those that got me serious, don't :)
  Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump



All times are GMT -4. The time now is 12:56 AM.


vBulletin skin developed by: Xisp.org Crew
Powered by vBulletin®
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
2005 Copyright Xisp.org