About
Community
Bad Ideas
Drugs
Ego
Erotica
Fringe
Society
Technology
Hack
Introduction to Hacking
Hack Attack
Hacker Zines
Hacking LANs, WANs, Networks, & Outdials
Magnetic Stripes and Other Data Formats
Software Cracking
Understanding the Internet
Legalities of Hacking
Word Lists
register | bbs | search | rss | faq | about
meet up | add to del.icio.us | digg it

WebCracking

NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.

Password Cracking, what is it? Very simply password cracking is breaking passwords or cracking passwords by trying every single one. For example if my password were pass I would send a load of passwords one at a time to the server entering a password 

Password I send                        Response I Get Back


wee incorrect
poo incorrect
admin incorrect

and then eventually I should get one right

 
pass                                       correct

So I now know the password which is what I wanted.

Brute Forcing

This is when you try a the b until you have done a-x (single letter) so you move on to aa then ab and so on, in theory this has to get the correct password and it good on systems where you can send a fast request and get a fast answer i.e. on a local network or cracking a Windows 98 PWL file.

Dictionary Cracking

We all know that passwords are not random letters and numbers in most cases, so what, well why try every possible password when you could try a word list (a list on words used as common passwords). You don't so what do you do you use a word list, this cuts down a great deal of time and effort, dictionaries or word lists can be "socially engineered" to make them smaller and more accurate.

Different Types Of Crackers

There are many different types of password crackers; there are two categories of crackers according to me and only me. These are Online Crackers and Off-line Crackers, I think that crackers should be separated into these two separate categories because Online Crackers do not need to be fast or use up loads of CPU on a normal Internet dial up connection they need to combat the "slowness" of the Internet servers. They get over this by using threads (different passwords being sent to the server at the same time so you get twice as many or twenty times as many "wrongs" or "rights" per second that speeds the whole god dam thing up). Another way they get over the "slowness" or Internet servers is by logging the passwords you are sending although this does not speed up the process it allows you to resume a password cracking session if you are disconnected.

Different Targets To Crack = Different Methods

There are different password protected "victims" that you may want to attack over the internet, there could range from a LAN network being attacked remotely to your basic porn site. There are different ways of password protecting, so you get different ways of hacking a website etc.

Getting A URL To Attack

Method One

OK for my first "lesson" I will show you how to hack a HTTP site, that uses pop up box that you then fill in and click OK. The other type is boxes you fill in inside the webpage (like Hotmail). The first is very easy because all you need is the Target URL of the thing you click to get that box to pop up. In Internet Explorer you do this by finding the Hyperlink (the writing that takes you to another page or site) and you will get a box looking like this (well this is half of it).

TRY IT ON THIS (getting the URL ONLY) Now you have the URL of the site you are going to attack/crack. Method Two When you have pictures that are also a Hyperlink I don't expect all of us to be able to find the URL in the HTML code. So we do it another way, click

FILE > SAVE AS

then

SAVE WEB PAGE

FILE NAME > What ever you want to call it

SAVE AS TYPE > Web Page, Complete (*htm,html)

ENCODING > Western European (Windows) Then open this file up and FILE > EDIT with Microsoft Word. Then you open the file up, find the picture and RIGHT CLICK (bring up menu) on the picture and at the bottom it will say HYPERLINK > EDIT HYPERLINK then in the box that pops up it will say LINK TO FILE OR URL: and have a URL bellow that the picture will take you to. Copy this and send it and use that as your target when you crack/hack the site.

WebCrackers and How To Use

I don't do webcracking much unless there is a very specific thing I want crack. These methods work though, I have just written this text document and as I wrote it it worked.

Munga Bunga's HTTP Brute Forcer (1.0.2)

This is possibly the easiest Web Cracker because it doesn't actually ask anything of the user other then the user name they want to crack and the server, i.e. Hotmail. It then uses definition files to give the URL that it submits a password to. Basically it is very easy to use, it can be used on all Web Based email accounts (like Hotmail) and some Web Hosters (like geocities). 1) To start with install it, it will place a shortcut in the START > PROGRAMS bit of the Start menu. 2) Configure it AS I SAY BELOW USER NAME TO BRUTE FORCE > This is where you put the victims user name, for example if you where attacking me at Hotmail and my Hotmail account was [email protected] you would put conwow and NOT THE @HOTMAIL bit. WORD LIST FOR PASSWORD > This is the word list/Dictionary you will use, the default is quite a good dictionary but it can be changed by getting a wordlist/dictionary you intend to use and saving it as pure text this can be done using Word or just opening it with notepad. You then have to rename this whateveryouwanttocallit.lst (the default wordlist is pass.lst). This is good because you can then hack in many languages and for example remove "girlie" words when hacking a male "victim". DEFINITION FILE FOR HTTP AND SERVER INFORMATION > This is the file that tells the program what URL (address) to send the request to. For example you need to send you user name and password to the hotmail server if you are cracking a hotmail account. When you are hacking hotmail you need to click the BROWSE button at the end an choose the hotmail definition file.

Tick Boxes - What They Mean

START FROM BEGINNING OF PASSWORD FILE > Resume attack from the last password tried in the list or start from the beginning when ever you click START HACK START/CONTINUE BRUTE FORCE FROM THE FOLLOWING PASSWORD... > Start at a select password i.e. poopie then it will try the next password in the list like pong then the one after that etc. START/CONTINUE BRUTE FORCE FROM THE FOLLOWING NUMBER... > Same as the above except it is for numbers not letters. IF DISCONNECTED FROM THE INTERNET, PAUSE HACK, RECONNECT TO etc. > Tick this if you are leaving it over night or just leaving it. DON'T RETRY PASSWORDS > On some servers passwords that are wrong are sent back as errors so if you are getting large amounts of errors (every password tried) untick it. DON'T PROCESS PASSWORDS WITH SPACES > People do not have passwords with spaces, tick this. DON'T PROCESS PASSWORDS CONTAINING LESS THAN _____ CHARACTERS > If you know that the sign up makes people have passwords longer than 6 letters (like hotmail) enter it here DON'T PROCESS PASSWORDS CONTAINING MORE THAN _____ CHARACTERS > If you know there is a maximum size for passwords (like Hotmail's is 10 characters) enter it here. PROCESS ALL PASSWORDS IN LOWERCASES > Trust me on this one NO ONE HAS CAPITAL LETTERS IN THEIR PASSWORD, except maybe on cyberarmy. Tick it.

 
To the best of our knowledge, the text on this page may be freely reproduced and distributed.
If you have any questions about this, please check out our Copyright Policy.
 

totse.com certificate signatures
 
 
About | Advertise | Bad Ideas | Community | Contact Us | Copyright Policy | Drugs | Ego | Erotica
FAQ | Fringe | Link to totse.com | Search | Society | Submissions | Technology
Hot Topics
Post Your Desktop
What am I doing wrong?
Compaq laptop goes blank on boot? Ubuntu 7.04
Debian Wireless
Torrents on linux?
Another noob can't connect to the net....
So tell me again...why use a *NIX?
Making my backspace key work...
 
Sponsored Links
 
Ads presented by the
AdBrite Ad Network

 

TSHIRT HELL T-SHIRTS