
Cracking 101 - Cracking For Dummies, tutorial author: sYndax

06-30-2005, 04:25 PM   #1
Elena
Guest

title: cracking 101 - cracking for dummies.
revision: v0.3.
tutorial author: sYndax.

** always remember: p0rn site administrators (sysadmins) are LAZY,
NOT professional and most of the time FAT. if they all took their
job seriously, all the crackers would be unemployed. since there are a lot
of p0rn channels that provide good p0rn quality, we must conclude -
it's ALL possible (it just takes time and nerves of steel).

** table of contents:

1. opening words.
2. so, you've decided to be a cracker (known as: general steps).
3. password extraction with raptor / bugs bunny.
4. proxy facts, working scheme, proxy judges.
5. cracking using ares.
6. cracking using goldeneye.
7. cracking using access diver (NOT!).
8. cracking using wwwhack (formbased sites - tutorial by peiniger).
9. checking your cracked logins/lists.
10. advanced password manipulation - email combos (written by lilwayne).

this tutorial is written for educational purposes only. the author will not
be held responsible for any illegal usage some lamer decides to make of the
information supplied in this document. just to make things straight - i do NOT
encourage people to start cracking sites and doing all those kinds of nasty
things, furthermore the information in this tutorial is only for testing of
security systems on various sites (your sites!).

all the software mentioned in this tutorial is the property of its
respective owners and is protected by copyrights. the information
written in the tutorial is my property and copyrighted as well, do NOT
modify this tutorial or rip parts of it without my explicit permission!

furthermore, do NOT post this tutorial on any web page/forum/irc channel
or any other kind of internet or electronic publication without my
permission. if you are a lamer and you do it after disregarding my
warnings - well.. the sky is the limit, you can become the subject of
various attacks or other kinds of ways to punish you for being a lamer.

before we begin, one thing needs to be mentioned first. this tutorial
is for newbies only, due to the large number of questions users post
on the channel, i decided to explain the basics once and for all.
you will not find instructions on exploiting sites in this faq, if you
need help regarding exploits - you're not skilled enough to try it...

before we begin, let me list for you the required applications for learning
to crack pop-up sites (the list may not be complete, because a lot of crackers
develop their own style after they learn the basics, but this basic list
should get you started up to the level where you can decide what you like
and what serves you best).

please note that there are various steps you need to take BEFORE you
even consider starting to crack any kind of site. those steps are mentioned
here and it's extremely important you follow them correctly. following the
list of relevant applications you will find an explanation of all the things
you need in order to actually crack (proxies/wordlists/other apps).

** -=[ so, you've decided to want to be a cracker ]=- **

there are a lot of brute-force applications for cracking basic http pop-up
logins. i will list the 3 most popular applications (usually the most
popular are also the fastest/most effective. but, hey it's your own
preference that matters... i personally am an ARES user... but i'm in no
way saying that the other applications are not as good as the rest).

the 3 most popular applications (for windows of course ;-)) are:

** ares - (http://www.deny.de/gm/).
** golden eye [ie: ge] - (http://www.deny.de/ge/prod01.htm).
** access diver [ie: ad] - (http://www.accessdiver.com/).

you might want to check http://deny.de, it's a very comprehensive site
regarding various security issues. you can also find a lot of related
applications, wordlists, proxylists and other utilities there. all applications
mentioned in this tutorial can be obtained on deny.de.

[brute-force]: a method of online site cracking (offline/local brute-force
also exists but is currently not relevant for our tutorial). by using this
method a user can while using the appropriate application gain access to
a site protected by a pop-up login security system (on various pop-ups
that are more complex i will specify later on [ccbill/ibill/etc...]).

the operation of brute-force is actually quite simple. as most users know
there is a html shortcut for accessing a site with only 1 url (meaning:
if you have a site named www.myp0rnsite.com and you have a username: xph and
pwd: xph you can type in your web browser http://xph:xph@www.myp0rnsite.com
and the browser will take you into the site if your login is correct).

brute-force takes advantage of this html feature and simply "throws"
various combos ([combo]: a combination of username and password is called
a combo. within the combo the username and password are separated by a
colon ':'. for example - username: john, password: doe - the combo is
john:doe <--- user: john [:] password: doe) on the site login system.

after the appropriate application "throws" a combo "on" the site, the site
processes the login and outputs a report code. this code is then compiled
by the brute-force application and a message is displayed on screen:
200 - access granted, 403 - access denied, 404 - cannot find page.

there are a lot of report codes, but i wrote the 3 most relevant codes for
newbies. furthermore most applications will display only codes 200/403/404
because they have a direct influence on the combo/login (error 403 can also
be relevant to the proxy you use as well as to the desired html page).

please note that some applications will not display code 200, it will simply
display the relevant combo (ares) or list it as a valid login (ge).
the way each error is displayed changes from application to application, so
don't freak out if the valid login (200) is displayed in a way that is not
mentioned here.

before we go on, we must cover 2 major issues regarding brute-force
cracking: wordlists and proxies.

[wordlists]: a list (mostly big) that contains various combos (see above),
required for brute-force cracking. a good word list is the key for good
cracking sessions. the way to obtain a good word list is simply to build
it yourself, this can take a lot of time and effort but in the long term
it's the best way (don't be surprised if your 1st cracking session will
end with only 1 or no passwords at all - this shit takes time!).

there are a lot of ways to obtain combos for your word list. the most
common way is stripping existing combos from lists you have or password
sites. you can also strip (leech) combos from freebies posted on p0rn
channels and passwords forums. you can also generate your own combos
with the proper application (i won't cover it because it's damn boring!).

downloading custom lists from various web sites is not a good solution.
newbies can download lists so they can have something to practice with,
but do remember that you're not the only cracker on the internet. the list
that you are currently trying to download was used by at least 3000 people
before you.

it's very possible that all the combos on that list are excellent
or useless. if a lot of users cracked with those lists the cracked logins
are probably excellent (which makes the combo useless) - but hey, you might
get lucky from time to time (some combos are general and can be found on
almost every site).

there are 2 popular applications for stripping combos from lists and password
boards/forums:

** raptor ii - (http://www.deny.de/ge/prod02.htm).
** bugs bunny - (http://beam.to/bugtrapper/).

** stripping passwords with raptor ii:
start ---> load raptor ---> select generators (yellow tab on bottom left)
---> pass leecher ---> load url list (for custom list) OR add url (for single
urls) ---> start.

you can sit down and wait (drink/smoke/have sex) while raptor does his
thing, it can take time (depends on the amount of urls to process and
the size of each list that raptor needs to leech). after raptor is done
remember to SAVE your results into a list (after scanning and removing
all the dupes).

** stripping passwords with bugs bunny:
start ---> load bugs bunny ---> select leech urls tab ---> add (for single
urls) OR online update (for a custom remote list) ---> extract passes.

as before, sit down and wait for the leeching to complete. after
completion scan for dupes, remove them and save results into a file.

** 2 important notes:

1: the instructions that i gave in this tutorial regarding leeching
passwords or any other application are according to the applications
i use on my personal computer. it's quite possible that when new
versions of the applications come out, the way to do things will
change a bit. i cannot update this tutorial each time a new version
comes out. so if your application is a bit different from the one
described here - cope with it, the basics are still the same.

2: some leeched lists (or downloaded for this matter) may appear
in a different way than the usual user:password format. sometimes the
combos are separated not by a colon ':' but by a space/tab ' '. in order
to use the list you must convert it to the proper combo structure.

in order to do so: load raptor ii ---> open list ---> edit
---> convert list ---> select : colon ---> save list.

good advice that almost every advanced cracker will give you is to always
check the sign-up page of the site you wish to crack. this sounds quite
futile, but you'd be amazed how much information you can learn on the
combos of that specific site.

by first reviewing the sign-up page, you can determine the needed combos in
order to try and crack the site. some sites provide their users with passwords
and usernames that consist of a minimum of 6-8 digits. this is important
because there is really no use in using 1-5 digit combos on a site like
that.

furthermore, some sites provide their users with number-only logins. again
in order to crack this kind of site you need a custom made wordlist.

a very important thing to find out before you start cracking is the way
the site collects its money from the users. if the site collects money
on its own this is quite ok. but if the site uses a mid-company (like ccbill)
you need to find out the logins that company gives out to its users.

there are a lot of billing companies but i will focus on the most common one.
a company named CCBILL. the concept behind ccbill is quite simple:
new user ---> pays ccbill ---> gets password from ccbill (cz9XQwp7:zWA4x73q)
---> has access to p0rn site.

you don't have to be a guru in order to understand that cracking ccbill
sites is harder than normal sites (simply use a custom combo list for
ccbill sites, it's quite hard to find it while being a newbie and it's
best you stay far away from sites like that while you are in fact a newbie,
but don't worry it'll come with time).

[proxy]: the literal meaning of "proxy" is a "messenger". the concept
behind proxies is quite simple. a proxy is simply a machine (computer)
that connects between your computer and the web site you wish to visit.
(my computer ---> proxy server ---> web site).

why are proxies needed? well that's quite a trivial question. every computer
that is connected to the internet has an assigned IP (internet protocol)
value, which is given by the ISP's (internet service provider) router.

in the beginning proxies were created for speeding up the surfing on web sites,
when a user entered some web site, the contents were downloaded to the proxy
server and then when another user wanted to view the same site, the data
was downloaded from the proxy server rather than the actual site (in order
to save time and make the web sites load faster).

nowadays, proxies serve a lot of major functions, the most important function
for us is ANONYMITY. that's right, while cracking sites you MUST remain
anonymous, this is achieved by using an anonymous proxy server. if you even
consider cracking without a proxy, you must know that every sysadmin can
trace you with some simple commands (NOT recommended).

all proxies have an anonymity classification. the classifications vary
from 1 - 5, where a proxy that has level 1 is the most secure. but don't make
mistakes, even a proxy that seems secure at 1st sight can reveal your true ip
(this is called a "spill").

in order to test the anonymity level of your proxy, you must use a .cgi
script that was written in order to find security holes on proxies.
i personally use the deny.de proxy judge. some applications that are used
for brute-forcing have built-in proxy testers, but i STRONGLY recommend
deny.de's proxy judge.

when you want to test a proxy you have to do the following:
load internet explorer ---> tools ---> internet options ---> connection --->
lan settings ---> mark the box that says "use a proxy server" --->
input the proxy address and port ---> click OK.

** midpoint (internet sharing application) users, after checking the
"use a proxy server" box click on "advanced" and manually remove all
the "localhost:127.0.0.1" proxies that midpoint defined there.

please note that by doing so your internet sharing capabilities for
the current session (until you reboot your computer or restart midpoint)
may be screwed up, but hey - midpoint sucks big time, use all aboard
(way better!).

then simply type address: http://www.deny.de/cgi-bin/prxjdg.cgi, and read
the report the proxy judge sends you. be sure to check that there are NO
ip spills (marked in red) and that the remote and host address are NOT your
actual ip address (there can be no spill and yet your ip is revealed).

on the bottom of the page you will find general comments and the anonymity
level of the proxy, i recommend that you only use levels 1 - 3 (just to be
on the safe side). it's also very recommended NOT to use local proxies EVEN
if they are 100% secure, because the admin of the proxy server can simply
scan his logs and locate your entries (your ip is logged on the proxy logs,
if in fact the proxy has logs).

now comes the most common question: hey, all is good, but how do i get
proxies? well the answer is quite simple - you search! you can find a lot of
web sites on the net that provide downloadable proxy lists. search forums,
irc chans or scan them yourself (using proxy hunter - you figure it out!).

** -=[ actual cracking ]=- **

** using ares (my favorite):

1. load ares - "start" ---> "run" ---> "ares.exe" (or any other way...)

2. load proxies - "proxy settings" ---> press "+" to add proxies. if you
have many proxies to add, simply write them inside "proxy.ini".
the proxies should match the format: proxy:port (ie: 127.0.0.0:8080).

3. verify proxies - mark checkbox "delete bad proxies" --->
set "anon levels to be kept" to 1 2 3 ---> check "delete slow proxies"
(optional) ---> check "test for fakes" (optional) ---> click "verify"
---> click "ok".

4. cracking settings ("user" frame) - check "combo" ---> press "..."
---> select your wordlist (format: user:pass).

5. cracking speed ("attack frame") - drag the bar all the way to the right,
this will set the cracking speed to maximum value.

6. setting url - under "login url" enter your desired members address
of the web site you wish to crack.

7. press the "play" button, sit back and relax. the cracking results will
appear in the window below. server and proxy errors can be found in the
"error folder".

** using golden eye (known as ge):

1. load golden eye - "start" ---> goldeneye.exe (if you want to skip the
opening animation add the parameter "-nosplash" after the application
name).

2. load proxies - select "options" (upper folder) ---> select "proxy" folder
(folder is located on the left of the screen) ---> check box "use proxy"
---> select "import" to load proxy list (proxy:port, ie: 127.0.0.0:8080).
if you wish to load proxies manually, there is a special frame for it,
locate it and do it manually, although if you're doing it... you're stupid.

---> check the box "test proxy before use" ---> under the frame "proxy
rotation" check the box "change proxy after" (it is optional to mark
the box "change proxy after error" - dammit it's self explanatory
do whatever you like).

3. verify proxies - select folder "security settings" ---> select "proxy
security test" ---> drag the bar all the way to the right (this will
set the maximum amount of simultaneous connections to the proxy servers).

---> select the button that looks like a globe (quite similar to the old
internet explorer icon) ---> after the scan, all excellent proxies will be
marked with an icon that looks like the radio active symbol ---> move
your cursor to the button that looks like a small recycle bin but do
NOT press it instead click the small arrow and a delete options pulldown
menu will appear ---> select "delete non-secure or excellent proxies".

4. loading wordlist - press "ctrl +o" OR the icon that looks like the notepad
icon OR "files" and then "open wordlist" ---> select your wordlist and
load it.

5. cracking settings - select "access" folder ---> drag the bar all the way
to the right (this will set the maximum bot speed to access the site)
---> under "url" enter the member url of the site you want to crack

---> select "connect to remote site" ---> the results of the cracking
process can be seen under the folder "history" and "basic authentication"
(this will show all of your cracks, the newest cracks are on the top).

** using access diver (known as ad): you will not find a tutorial on how
to crack sites with access diver, because i don't like this software
and RARELY use it... i've been told it has a very good proxy test, site
check and exploit mechanism. i cannot vouch for any of this because
i simply HATE it... i did not like it and still don't... please forgive,
i will include a tutorial on it in the next version maybe.

** cracking form based sites. the following text is taken from a tutorial
written by peiniger from the #xph krew regarding the steps one has to
take in order to gain access to a form based site (if you want this
tutorial alone simply type !xph-formcrack on channel).

[start of text]

How to crack a formbased site
Well you won't believe but it's absolutely easy.

requirements:
* wwwhack
* a good wordlist
* proxies
* some spare time...

1. Open the site with the formbased login.
2. Enter some shit like L:123456 P:654321
You will be taken to the errorpage.

3. Look at the words given on this page.
E.g. not correct, incorrect, try again, CaSe SeNsiTiVe and so on.

4. Open Wwwhack and choose "Options" "proxy setup".
Now put in your very best proxy.

5. Choose "access", "WebPage (html form)"
6. A popup is displayed. Now enter the Loginpageurl.

7. Click on automatically get info. If all informations were
displayed read 9 otherwise read 8

8. So the autoinfo does not work, cuz wwwhack could not collect the
necessary infos out of the webpage? In this case u need to open the
sourcecode of the loginpage and look it up manually. Here an example
page http://www.dreamdolls.com/common/x.asp?afid=&t=ma *this is the
membersurl.

Open the sourcecode of it! To fill out the "Form Action field"
in this popup look for "form" and action in the loginpagesourcecode.
If you do so u will find something like: "/common/authorize.asp?afid"
Now you just copy and paste this to the "Form Action field". To decide
the post method you do the same procedure: Look for Method in sourcecode.

In our example u find it in front of "/common/authorize.asp?afid".
The Method is normally post. So choose "post" in wwwhack. To get the
Username and password (it is normally username for username and password
for password) it's again the same... go to sourcecode and look for it...
sometimes it's username:un password:pw or something. i am sure u will
find it.

9. Now we come to the most interesting point and this is the point where
many people don't know what to do: choosing the correct Keyphrases...
Well but u looked them already up in step 3. Now put in the words
u collected from the errorpage for example "denied; invalid; sorry;
follow; expired; renew; username; password;"

10. Choose ur wordlist and if u just want one password...or go on attacking
by choosing skip to the next username after finding a password.
11. Click Ok ))

12. You maybe get a 302 error but this is not important. Wwwhack will do its
job anyway:]

13. If u get many passes you got a superior wordlist....or *normally* u
chose incorrect keyphrases. So change ur keyphrases, try around...
you will find the correct phrases

14. check if u find a password if it's alive before u hand it out to
someone because u will get sometimes fakes even if u have the correct
phrases. in this case ur proxy is a shit

15. Have fun. enjoy and don't ask me how to solve your site... try around
with the knowledge i gave u *even if this is more basicly*

16. I use normally "incorrect; try again; invalid; match; expired;
username; prüfen;" and 195.212.44.174:80 (level 1 proxy)

17. I have tried this in this combination on this site: valid login for
me atm was gripper1:dimes1 checked it and it worked...

18. If u are sure that my Way of explanation is wrong check
back to 13 and 14...

[end of text]

** checking your cracked logins **

one of the things a good cracker needs is a working login list all the time.
this is needed in order to post to passbots, test some sites and well...
to do some plain fun. anyways, after you've cracked several logins it is
advised you compile yourself a list of valid passwords.

as you know... you are not alone on the internet and it's quite reasonable
that someone else is using the same combos you do and has the same passwords.
as i explained before, passwords die due to excessive usage, and it's very
advisable to maintain and check your password lists regularly.

the most common application for doing so is bugs bunny (see url above),
that application has many good features, but i will review the password
checking system it has. feel free to download it and probe it further.

start ---> load bugs bunny ---> select folder "check hacked sites" --->
"add from file" (or add manually if you're insane) ---> it is very advisable
to select "settings" and setup a proxy server (not mandatory though) --->
select "check hacked sites" ---> your sites will be processed --->

green = the site is good / red = site is bad / yellow = still checking OR no
login message (site laggin/still pending) ---> move with cursors and delete
using the "del" key (from the keyboard, stupid ppl!) to remove all red lines
---> save to file ---> normal (default and advisable) or goldeneye format.

** creating more advanced password combos - email combos. all credits
for this part go to lilwayne (from #xph krew, of course).

some sites use email addresses as usernames or login passwords. those combos
cannot be extracted using bugs bunny, in order to do that you need to use
an application called combo.exe (coded by blademan). after the basic use of
the application (the extraction) comes the "hard" part.

we need to find a way to filter the email combos from the extracted file
you got after using combo.exe. in order to do that you must make use of
an application that was mentioned earlier in this faq, which is called
raptor. here are the basic steps in this process:

1. use combo.exe to extract a basic list, afterwards save the extracted
combos to a text file (ie: combos.txt).

2. run raptor and open the extracted combos file with it.

3. after loading raptor, choose "filter" from the options menu,
inside this menu ("filter") you have an option called "remove if..."
and sub option in the same menu "check user:pass contains...".
choose this option and add "@" to the info field.

4. by doing so, you will remove all the email combos from the extracted
combos file. after doing that be sure to remember and save the file
to a NEW text file.

5. load the original extracted combos file (the one WITH the email).

6. choose the "remove duplicates" option, uncheck the "keep original" box
and check the "use reference list" box.

7. for the reference list, use the 2nd text file you have (the one WITHOUT
the emails).

8. now click on "remove duplicates" and you have yourself a combo list that
contains only email logins.

** needless to mention that if you already have an email combo list, you
can add it to the new list you've just created. the adding can be done
using a simple dos command, but due to the fact most of the people don't
even know that such an operating system once existed i will explain in
brief how it can be done in raptor.

open your email list, go to "file operation", "add file" and select
your list, click on "add file" and that's it. the new list now contains
your old list as well.

[eof]
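Seen from the server side, the combo "throwing" against a pop-up (HTTP Basic auth) login that this tutorial describes leaves a recognisable trace in the access log; the detector below is an added example, not part of the original post or of any tool named in it, showing how a site operator can spot the burst and list the accounts that need a password reset. It assumes a server that logs the attempted Basic-auth username in the user field (as Apache does), a protected path of `/members/`, illustrative thresholds, and log lines that are constructed for the example.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Common/combined log format: ip ident user [time] "method path proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)
# A rejected Basic-auth attempt is normally logged as 401; 403 is included
# because the tutorial reports "access denied" under that code.
FAIL_CODES = {401, 403}

# Constructed sample lines (documentation IP ranges, made-up usernames).
SAMPLE_LOG = """\
203.0.113.7 - alice [30/Jun/2005:16:20:01 -0400] "GET /members/ HTTP/1.1" 200 5120
192.0.2.10 - john [30/Jun/2005:16:25:00 -0400] "GET /members/ HTTP/1.0" 401 401
192.0.2.10 - mike [30/Jun/2005:16:25:01 -0400] "GET /members/ HTTP/1.0" 401 401
198.51.100.4 - dave [30/Jun/2005:16:25:01 -0400] "GET /members/ HTTP/1.0" 401 401
198.51.100.4 - steve [30/Jun/2005:16:25:02 -0400] "GET /members/ HTTP/1.0" 401 401
192.0.2.10 - chris [30/Jun/2005:16:25:03 -0400] "GET /members/ HTTP/1.0" 401 401
198.51.100.4 - bob [30/Jun/2005:16:25:04 -0400] "GET /members/ HTTP/1.0" 200 5120
203.0.113.7 - alice [30/Jun/2005:16:25:05 -0400] "GET /members/pics.html HTTP/1.1" 200 2048
198.51.100.9 - - [30/Jun/2005:16:25:06 -0400] "GET /index.html HTTP/1.1" 200 900
""".splitlines()


def parse(line):
    """Return (time, ip, user, path, status), or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return ts, m["ip"], m["user"], m["path"], int(m["status"])


def detect_stuffing(lines, prefix="/members/", window=timedelta(minutes=5),
                    min_users=5):
    """Flag bursts of failed logins with many distinct usernames on one path.

    Failures are counted per protected path, not per source IP, because
    attempts sent through rotating proxies arrive from many addresses.
    Lines are assumed to be in chronological order.
    """
    recent = deque()  # (time, ip, user) of failures still inside the window
    report = {"first_alert": None, "usernames_tried": set(),
              "source_ips": set(), "accounts_to_reset": set()}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ts, ip, user, path, status = rec
        if not path.startswith(prefix) or user == "-":
            continue
        while recent and ts - recent[0][0] > window:
            recent.popleft()
        if status in FAIL_CODES:
            recent.append((ts, ip, user))
        tried = {u for _, _, u in recent}
        under_attack = len(tried) >= min_users
        if under_attack and status in FAIL_CODES:
            report["first_alert"] = report["first_alert"] or ts
            report["usernames_tried"] |= tried
            report["source_ips"] |= {i for _, i, _ in recent}
        elif under_attack and status == 200:
            # A success from an address that just failed with OTHER usernames
            # is a guessed login. A member mistyping their own password does
            # not match. This is a lower bound: a hit arriving from a fresh
            # proxy address is not linked here.
            others = {u for _, i, u in recent if i == ip and u != user}
            if others:
                report["accounts_to_reset"].add(user)
    return report


if __name__ == "__main__":
    for key, value in detect_stuffing(SAMPLE_LOG).items():
        print(key, "=", value)
```
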

06-30-2005, 04:45 PM   #2
resdog201
Guest

hey this is a great tut. thanks for all the info!

06-30-2005, 06:05 PM   #3
OneKnight
Guest

thanks for the post tuts always help new peeps

06-30-2005, 09:08 PM   #4
High|ander
TheURLcrusheR
Hmm, i think this is very old info...
But for newbie's it's not bad
__________________
"There can be only one"
"May The Schwartz
Be With You"

06-30-2005, 09:53 PM   #5
topcat37
Guest

Thanks for the info!! Need all the help I can get.

08-03-2005, 06:21 PM   #6
Manisch
Guest

Nice tutorial dude, I'll give it a try! :)

08-19-2005, 02:52 PM   #7
Salin
Full Member

Thanks this tut owns :D im getting this stuff now i think :D

09-11-2005, 01:01 AM   #8
kapu
Guest

Thanks for the tut, appreciate it.

09-23-2005, 11:02 AM   #9
KevinAustin
Guest

Excellent information!! Thank you for taking the time to author this tutorial!

10-23-2005, 07:45 PM   #10
fukdawrld
Guest

thanx for this one