virusz Posted June 18, 2006 Report Posted June 18, 2006 Warning=======This information should only be used to test your own server's security. Do not attempt to "test" a website's security without permission from it's administrator. Hacking is illegal.Quick Intro=========If you're not familiar with dictionary-based password cracking then this tutorial is not for you.Using dictionaries to crack passwords can be very frustrating – Especially after you've waited over two days for a program to use a 240MB list that doesn't seem to have that password. So what do you do? There's a way to dramatically increase your chances of cracking that password. How? By making your own dictionary. No, I don’t mean creating a list by hand in notepad (Don't worry it's all mostly automated)Tools needed===========PassParse:http://darknet.org.uk/content/files/passwo...d/passparse.zipRemDupes:http://ksoze.deny.de/RemDupes2.exeBrutus:http://217.125.24.22/h/brutus.zipIntellitamper:http://www.intellitamper.com/download/inte...amper_v2.07.exeThe Steps=========1. Alright. What we need to do first is extract all text from the website. Sounds like a huge task but IntelliTamper will make things a little easier for us. Okay let's open IntelliTamper, enter the website, and press the "Start Search" button. What this will do is find all (or most) pages of the site. Once it's finished, save all the pages it found into one directory on your computer (Right-Click > Save).2. Now let's navigate to the directory where we saved the files. Next we're gonna make a simple batch file that will read all the files and send the output to a text file named "ppin.txt". Open Notepad and enter the following:CODEtype *.* > ppin.txtand save it as "lister.bat" (without quotations of course). Once you've saved it, run it. Ppin.txt should have been created. (Note the file MUST be name ppin)3. Next we're going to create the actual list itself. If you open ppin.txt you'll see that it's just a bunch of html/text. We're gonna use Pass Parse to extract all the words and put in list format. Alright. Copy the file "ppin.txt" and paste it into the same directory as your Pass Parse program. If there’s already a file named ppin then overwrite it. Now launch Pass Parse. The DOS Prompt should have shown for a second or less. Your new password list, "ppout.txt", was just created.4. Almost finished. If you open your new password list you'll notice that there are many words used more than once. To take care of the problem we'll use RemDupes. This program will remove all duplicated words and sort your list in alphabetical order. So open your copy of RemDupes, click "Add", and navigate to your password file (ppout.txt). Click "Find Dupes" and when that's finished click "Save List". Your list is completely finished."Positive Authentication with User: Admin Password: inagokart" Quote
Smiley Posted June 19, 2006 Report Posted June 19, 2006 o sa imi ia ceva pana o sa inteleg totu , dar sper sa ma descurc . ms Quote
niMblack Posted May 7, 2010 Report Posted May 7, 2010 (edited) nu stiam ca se mai foloseste brutforce2. credeam ca avansam nu stam in loc. si apropo asta e un tric folosit pentru system de operare precum windows 2000, sau windows 98. prea vechi ca sa functioneze si pe windows 7 Edited May 7, 2010 by niMblack Quote