|
Cracking XXX Sites
by protonigger
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
Section 1: Introduction
After my last tutorial, I decided to write something a little less
technical. This tutorial is for your average joe, who just doesn't
want to pay $30 a month to masturbate. Anyone with any serious
technical experience will probably find this tutorial boring, but for
those of you out there who are not, and just want to masturbate freely
without having to hand out your credit card number, then this is the
article for you. Anyways, this tutorial will cover basically two
methods you can try when breaking into porn sites. Section 2 will cover
cracking into porn sites by breaking into an existing member account,
while Section 3 will cover traversing through the internal database
via a redundant directory scheme. Hope you all enjoy...
Section 2: Cracking Member Accounts
Well what you need here is of course a password cracker. Brutus is an
excellent choice for this, which you can find at the below link...
http://packetsurge.com/main.php?surge=downloads
Now, once you have Brutus downloaded and open, you will see several
options that are available to you. The "Target:" of course is the
remote server (in this case, a web server) that you are targeting, and
"Type:" is the type of service that the server is running that you are
wanting to break through. "HTTP(Basic Auth)" should already be
selected, and that's the service that you will be cracking. So
everything is set as far as that is concerned. So what you will do is
first select your target. First you will go to the site that you are
wanting to crack, and then go to the icon that brings you to the
members section login. You will right click this icon, and select
"Properties". You will within Properties see the "Address" listed.
This is the address for the login that we will want to crack, so you
will copy and paste this address into the "Target:" bar on Brutus.
There, now we have the target selected. We will now want to check the
"Use Proxy" box, and click "Define" to use a proxy server with our
cracker. In this case, we have to options of using different types of
socks servers, which are basically servers set up to forward traffic to
it's final destination (which is the member login we are wanting to
crack). That way, the crack attempt will only reach as far as the
socks server, and you will be able to safely crack accounts on the
site. You can find a list of active socks server at the link below...
http://www.samair.ru/proxy/socks.htm
So all you do then is just simply copy the ip address into the
"Proxy Address" bar, copy the port number into the "Proxy Port" (which
by default is 1080), and select what type of socks server it is. Now
we can make our final configurations. On the bottom you will see a
user list and a word list. You can use the word list that comes with
the cracker if you like, or change it for another word list that you
feel is better, but the user list will have to be changed. To make it
simple for you, simply define the user file as the word list.
Considering I can almost guarantee you, on every porn site, there is at
least one moron who chooses his password as his user name. Otherwise,
if you want to take the time, then you can also define the combination
file based on words within the user list, with parameters that are
usually found on such sites. There are basically two types of
redundant password schemes that you will want to look for when breaking
into a member account on a porn site. As I mentioned, there of course
is the accounts that have the password the same as the user name. For
example, john:john. There are also variations of this like john1:john,
and such. There are also different types of accounts that have the
password correlate with the user name in a rather obvious fashion.
For example, cookie:monster, or stoney:stoneman. Therefore, you can try
and put together such redundant possibilities of password schemes
within your combo file, and take a go at it. Otherwise, if that
doesn't work, then you can just do a regular crack, defining the word
list as both the user list and the word list. Well now we should have
everything set, and you can just click on "Start" and let her rip. If
you have the patience, and time, then you will get results.
Section 3: Figuring out the Directory Scheme
This section will be short and sweet, considering the method for which
is rather obvious. There is a way you can view material from within
the site itself, without breaking into an existing member account. This
is possible because a lot of sites have a fairly standard directory
scheme for storing their material. So let's discuss how such a
standardized directory scheme can be exploited to our advantage. There
are sites on the internet like www.thehun.net that offer free previews
to different porn sites. Different sites contribute preview pages to
the site, to give potential members a preview of the material within.
However, these preview pages are set up within the internal database
of the site. This allows us to get a preview of much more than the
administrator wants us to, like a look into the directory scheme
utilized within the porn site. Now, most administrators will be smart
enough to randomize their directory scheme, so that the only way to
really traverse through the directories, is to go through the member
section. However, many other sites however use a incremential
directory scheme, which allow for one to very easily traverse through
the internal database. For example, say the address is something like
porn.site.address/some_other_directory_paths/34/ when you click the
preview page. Well, we can very simply increment or decrement the
numbered directory, to transverse through the internal database (i.e.
/33/, /32/, etc.). We can try this with any numerical directory scheme
that is in place to potentially tranverse through the internal
database. You just have to use your brain.
Section 4: Conclusion
Well that covers it for this tutorial. Once again, I hope you enjoyed
reading this as much as I enjoyed writing this. By now you should know
enough to start breaking into different porn sites of choice, and
maybe get into the whole xxx-cracker scene and start submitting
passwords up on xxx-cracker forums. But that's all up to you. Anyways,
until next time....
Note: For those of you who have any questions or comments and feel the
need to reach me, you can do so at [email protected] and I will
try to get back with you as soon as possible.
Sites to Visit
www.packetsurge.com - because we 0wn
www.cyberphaze.net - lots of information, and a nice forum
www.digital-deception.net - good site with good people
www.satanz-mafia.org - still growing, but developing nicely
|
|