
STEP by STEP GUIDE TO SUCCESSFUL XXX CRACKING, xxxpasswords

Leeched from another forum. Greetz to the original writer

I thought of starting up one new thread that's completely dedicated to tutorials and should provide you a full guide from the beginning on to some basic sploiting!

That's all stuff I collected over the years cruising the net, so no credits to me, it's all the authors' work! These papers are all copyrighted; don't post them anywhere without explicit reference to the original author!

The order of the information given is not random - it depends on difficulty level - a complete guide starting at zero. So all you have to do is read and scroll down!

ENJOY - and let me know if you liked it!
MAYBE make this a sticky?

LET's start!

Introduction ---> by jazzie


This tutorial is only very basic; this is just for wannabe crackers to get started! This mainly focuses on Access Diver, so people wanting to use a different tool, should look at a different tutorial.

Before cracking an account, there are a few things that you need to learn! First of all, anyone can do it, AS LONG as you have the prior knowledge to do so.

To crack a site, a method known as "Brute Forcing" is used. The word may sound intimidating at first, but when you become a more skilled brute forcer, this term will be very common. All brute forcing does is send many usernames and passwords to a site, and hope that a matching username and password comes back. The passwords retrieved are called "hits". This process can be quite easy, but it requires a little bit of knowledge first!


Cracking Tool Download and Tutorial Sites
http://securitysite.host.sk/ (My Site)
http://www.securityadvise.de/
http://www.howdyisevil.com/
http://www.icefortress.com/
http://beda.5u.com/

These sites will act as bibles for you, and you will find yourselves visiting and revisiting again and again! Make sure that you go to these sites; these are what will turn you into a "skilled cracker".


The Cracking Tools Available

Before you start to "crack" a site, you will first need a cracking tool. There are many cracking tools available, but the best ones are Access Diver, Goldeneye & Ares. Try all of them to find which one suits you. I stick to Access Diver most of the time; it has nearly all the features you'll ever need to "crack" an account.


NOW TO START


1) The Cracking Tool

The best one I've found is Access Diver on:-

http://www.accessdiver.com/download.htm

First of all, set the "My Skill" to expert.


2) For Proxies

Proxies are probably the most important thing you need for cracking. Proxies are in this format:-

205.232.121.104:8080
203.199.64.132:8080
200.75.42.4:80

The port number is the bit after the ":" which at the moment, you probably don't need to know... Anonymous and Non-Anonymous proxies are available on the net. Obviously we want the Anonymous ones, so the question you're probably asking right now is "How do I get some proxies?". Well there are many sites available on the web with proxies in them, a good place to start is probably http://soldierproxy.s5.com/MainPage.htm. You can find more proxies by searching Google for "anonymous proxies", and there are plenty of sites. You can either copy and paste these proxies into a .txt file, or you can copy the URL into AccessDiver (proxy ---> Web Proxy Leecher), then just click on that lovely leech button, and you're away!!!

Now you're probably thinking "I've got my proxies now, I want to start!!!" Well we still have a long way to go. First we need to check the proxies to see if they're good or bad, and we need to check their level of anonymity.

Once you have your .txt file of proxies, click on the "Proxy Analyser" tab in AccessDiver, then load into it your proxy list. Highlight all of the proxies, by clicking on the first proxy, then going to the bottom of the list, and clicking the shift button, and left mouse click on the last proxy at the same time. Next click on speed/accuracy tester, and wait for it to finish analyzing then delete all proxies with a delay above 3500 milliseconds.

Next, we need to check if the proxies are anonymous or not, so for this we need a proxy judge. Here's a list of some good ones:-


http://proxycheck.virtualave.net/checker/pj235.cgi
http://www.stilllistener.addr.com/checkpoint1/test2/
http://mgbible.virtualave.net/cgi-bin/prxjdg/prxjdg.cgi
http://www2.inforyoma.or.jp/~misa/manitou_s/prxjdg.cgi
http://forest.ami.ne.jp/what/prxjdg.cgi
http://angura.ug.to/cgi-bin/prxjdg.cgi
http://www.leader.ru/secure/who.html
http://www2.inforyoma.or.jp/~misa/manitou_s/iptrace.cgi
http://www.multiproxy.org/env_check.htm
http://proxycheck.virtualave.net/checker/
http://www.rental-web.com/~azuma/cgi-bin/env.cgi
http://www8.big.or.jp/~000/CyberSyndrome/evc.html
http://thor.prohosting.com/~tcpip/cgi-bin/env.cgi
http://www.inside.ne.jp/cgi/util/envtest1/envtest.html
http://lightning.prohosting.com/~aozora/cgi-bin/env.cgi

Just add them to your AD by clicking on the proxy judge setting tab, then adding them.

Now, select a proxy judge, then highlight all the proxies again, and click on the "Confidentiality tester". When the testing has finished, delete all the proxies with a "NO" result. We now have a good working proxy list. But you need to maintain this list everyday, by adding more proxies and deleting old ones, because anonymous proxies do not last all that long! You must now save the list. Now click on "My List", and load up the proxies into this section, these are the proxies you will use for cracking.


Another way to get proxies is to scan for your own. A.D, I find, is not very good for this; use something like Proxy Hunter! But BE CAREFUL, your ISP can throw you off their service for this, as it is considered an illegal activity. These proxies that are obtained also have to be checked, and if you find some anonymous ones, they will last a lot longer than the ones found on the web.

I mainly just leech though; it saves a lot of time!


3) Combo list

A combo list is a list of usernames and passwords looking like this:-

bill:clinton
username:password
john:doe

The username is the first bit, and the bit after the ":" is the password! Now you're probably asking "where the hell do I get some combo lists?!!" Well the best thing to do is leech them from other password sites with a program like raptor2! Or an easier option is to go to http://www.google.com/ and search for them, although they are not that good. The truth is not many people want to share their real password list, because it takes so damn long to make them. Just make it up and you'll be cracking passes in no time.


I decrypt log files, I find that's the best way, but the easiest way for you at the moment is to leech passes from sites.

Oh here's a good site with wordlists in it, even some in different languages!
http://wordlists.security-on.net/download.html

Once you have your list put together, click on the dictionary tab on AD, then load them in.


4) Getting The Members URL Of the Site

To start off, I think you should try an easy site, such as "http://www.fungirls.com" . Go to that site and right click on the members link, and copy shortcut. It should come out like this! http://www.fungirls.com/members Put that into Access Diver. Don't worry, we're nearly there!


5) Now Let's Go!!!


(i) Use lots of level 1, 2 and 3 only anonymous proxies, and rotate them after 1 attempt.

(ii) Set the attack rate to around 15-20 bots, depending upon your connection


Now click on the standard button in AD (the one with a lightning bolt next to it) and we're away. Now all you have to do is WAIT, and pray that you get a login!

(iii) If you find a real login, then go into the site with the same proxy you used to crack it


4) Happy Cracking

Copyright Jazzie 2002
http://securitysite.host.sk/

-------------------------------------------------


Wordlist Maintenance - by jazzie (http://securitysite.host.sk/)

Introduction:
Well I finally got some time to write my long awaited essay on wordlists. Since my last essay I haven't had people stop bugging me about when this is coming out. So here it is, I hope that everyone learns a lot. In previous lessons I have introduced you to the tools that you will use, explained the basics of staying anonymous as well as some terms that are commonly used. I assume that you have already attempted to hack various sites, most likely without huge success. In this essay we will move deep into the building, maintenance and refinement of highly effective wordlists. You will find that your personal wordlists will prove highly effective as compared to using ones leeched from password sites. Whether you're an absolute newbie following through my lessons or a hacker of some experience, I'm sure that there is something here for everyone in the form of good wordlist habits.

Basics
I think that before we begin, clarification of what we are actually attempting to do is required. Theoretically we are guessing people's login names and passwords. Practically however we are able to make so many attempts in a short period of time that quite often it is relatively easy to 'guess' someone's login and password. The weakness of Basic Authentication on the Internet is that there is no limit to the number of attempts you can make at guessing a login and password. True there are measures now that will forbid (403) your proxy after a certain amount of attempts, however in most cases you are able to make as many attempts as you like. It is because of this weakness and one other that it is relatively easy to guess passwords. The other weakness is at the hand of the user that has signed up for membership to the particular site. Quite often people choose passwords that are easy for them to remember such as 1234, password, cat, dog, qwerty. These make it easy, yet not as easy as my favourite type of passwords, where the login and password join to form a famous person, place or common phrase. For example mickey:mouse, sydney:australia, monica:swallows. One of the lists that you build yourself will contain as many possible combinations like this as you can think of. In summary: what we are attempting to achieve is to build well maintained wordlists that will contain enough combinations to get you hits on a lot of sites.
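Seen from the defending side, the two weaknesses above mean failed logins have to be counted per protected area rather than per source address, since the earlier advice to rotate proxies after one attempt keeps every address under any per-IP limit. The Python below is an added example, not part of the original tutorial; the Common Log Format layout, the thresholds, the `/members` prefix and every address and username in the sample log are constructed assumptions.

```python
import re
from collections import Counter, deque
from datetime import datetime, timedelta, timezone

# Common Log Format: ip ident authuser [time] "request" status bytes
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)


def parse(line):
    """Return one log line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%d/%b/%Y:%H:%M:%S %z")
    ev["status"] = int(ev["status"])
    return ev


def detect(lines, prefix="/members", window=timedelta(minutes=5),
           min_failures=20, min_users=10):
    """Alert on bursts of failed logins counted per protected area, not per IP."""
    failures = deque()   # 401 responses that carried credentials, inside window
    known = set()        # (user, ip) pairs seen logging in during quiet periods
    flagged = set()      # pairs already reported, so each is reported once
    alerts = []
    burst_open = False
    for line in lines:
        ev = parse(line)
        # user "-" is a browser's first request without credentials: not a guess
        if ev is None or ev["user"] == "-" or not ev["path"].startswith(prefix):
            continue
        while failures and ev["ts"] - failures[0]["ts"] > window:
            failures.popleft()
        if ev["status"] == 401:
            failures.append(ev)
        users = {f["user"] for f in failures}
        in_burst = len(failures) >= min_failures and len(users) >= min_users
        if in_burst and not burst_open:
            per_ip = Counter(f["ip"] for f in failures)
            alerts.append({"type": "guessing", "failures": len(failures),
                           "users": len(users), "ips": len(per_ip),
                           "max_per_ip": max(per_ip.values())})
        burst_open = in_burst
        if ev["status"] == 200:
            pair = (ev["user"], ev["ip"])
            if not in_burst:
                known.add(pair)              # baseline of normal logins
            elif pair not in known and pair not in flagged:
                flagged.add(pair)            # success during a burst, new pair
                alerts.append({"type": "review_login",
                               "user": ev["user"], "ip": ev["ip"]})
    return alerts


def sample_log():
    """Constructed log: a normal login, 25 guesses from 25 addresses, 2 logins."""
    t0 = datetime(2002, 5, 1, 12, 0, 0, tzinfo=timezone.utc)

    def row(sec, ip, user, status):
        ts = (t0 + timedelta(seconds=sec)).strftime("%d/%b/%Y:%H:%M:%S %z")
        return f'{ip} - {user} [{ts}] "GET /members/ HTTP/1.0" {status} 512'

    rows = [row(0, "198.51.100.7", "alice", 200)]
    rows += [row(600 + i, f"203.0.113.{i + 1}", f"user{i}", 401)
             for i in range(25)]
    rows.append(row(630, "198.51.100.7", "alice", 200))   # known user/address
    rows.append(row(631, "203.0.113.40", "mickey", 200))  # new pair in burst
    return rows


if __name__ == "__main__":
    for alert in detect(sample_log()):
        print(alert)
```

In the sample the burst alert reports one failure per address, which is why a per-IP lockout never fires; the login flagged for review is only a lead, since a legitimate member on a new address looks the same.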

Leeching
I suggest that the first list you should build is a leech list. The best leeching program currently available is called Bugs Bunny. It comes with a list of password posting sites that it will automatically extract the password combinations from with the click of a button. Once this is finished you will have your first wordlist, save this list to a .txt file called 'Leech List'. Every couple of days or so you should update this list by re-extracting passes using Bugs Bunny. You should also add other password sites to it to increase the variety of passwords extracted. This list can be effective, however you have to realise that basically every hacker in the world has these same passwords in their lists, so the chances that those passwords have already been hacked are increased.

Personal List
This is the list that I spoke briefly about before. This list will contain all the possible combinations that you think people will use for their logins and passwords. The list can be formatted in two ways, with a colon (:) between login and password or a Tab space. I suggest the use of the colon (:). Add to this list continually as you think of new possibilities. Don't be surprised if this list grows to a couple of hundred combinations rather quickly, mine is over 5000. In the end your list will resemble something of the form:
abraham:lincoln
martin:luther
donald:duck
disney:land
Trust me when I say that no combination is too obscure. If you feel that someone out there is using it then chances are they are. Save this list as a .txt file called 'Personal List'.

Hit List
This list will become your highly effective and refined 'Hit' list. Every time you crack a password to a site, add the password to this list. Don't be impatient, this list will grow gradually and you will find that for sites where the number of attempts you have is limited as well as on any site this list will be the first you use and will get you the most hits. Don't enter into it passwords of pass sites, only the combinations that you have cracked or passwords that you have received from other people. What this list will become is a list of people's combinations where the same people most probably use that same combination on a variety of sites (often with the same theme, ie: all are 'Teen' sites, etc) Later on when you become more experienced this can lead to categorisation of lists depending on themes, however for now just focus on what is here.

Single List
A single list is exactly that, a list of single passwords. You should attempt to build different sized single lists. Personally I have one of around 2000 really common logins and passwords, one of 10,000 fairly common and one of 70,000 passwords which is my 'Mega' single list. It is really up to you how you construct these, with what words and the like. I don't expect you to type out 70,000 words, my list has just grown from a lot of lists that I have joined together over time. There are quite a lot of good wordlists available already on the web, some are listed below:


The use of these lists is rather simple. Imagine for a moment a site that has 5000 members. If this site allows the user to enter the same word for his login and password then on average around 250 passwords will be in the form james:james. Around another 100 will be in the form james:james1. Various other forms will be james:james69, james:semaj, james:JAMES etc. Quite a lot of people use variations of their login as their password. If the site allows the entry of the same word as login and password then a very highly effective technique is to run your single lists in this form. That is your single list will run through trying the same word as login and password for all the words in the list. In Goldeneye this is accomplished by choosing 'Options', 'Use Single Lists'. Then you need to click on the two notepads and select the SAME list for each one. In Ares this is accomplished similarly. Also of those 5000 members, at least 10 will use the password 1234. If your combo lists from above don't prove effective then I suggest running a single list as logins and the word 1234 as the password. If this still does not gain you a hit then try other really common passwords like qwerty, asdf, 4321, fuck, sex, cat, dog, pass etc.
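The patterns listed above (password equal to the login, the login with digits appended, reversed, or in another case, plus a handful of very common words) are cheap to refuse when a password is set. The Python below is an added example of such a sign-up check, not part of the original essay; the function names are hypothetical, and the deny-list and pair list are small constructed samples taken from the words this page mentions, where a real deployment would load far larger lists.

```python
import re
from collections import Counter

# Common passwords named in the text above (constructed sample deny-list).
COMMON = {"1234", "password", "qwerty", "asdf", "4321", "cat", "dog", "pass"}

# Login/password pairs that complete a well-known name, as the essay describes.
KNOWN_PAIRS = {("mickey", "mouse"), ("sydney", "australia"),
               ("donald", "duck"), ("abraham", "lincoln"), ("disney", "land")}

# Leading or trailing run of anything that is not a letter (digits, symbols).
AFFIX = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def core(word):
    """Case-fold and strip leading/trailing digits and punctuation."""
    return AFFIX.sub("", word.casefold())


def reject_reason(login, password):
    """Return why a password must be refused for this login, or None if OK."""
    low_login, low_pass = login.casefold(), password.casefold()
    if low_pass in COMMON:
        return "common password"
    if (low_login, low_pass) in KNOWN_PAIRS:
        return "well-known pair"
    login_stem, pass_stem = core(login), core(password)
    # james / JAMES / james1 / james69 / semaj all reduce to the login stem
    if pass_stem and login_stem and pass_stem in (login_stem, login_stem[::-1]):
        return "derived from login"
    # longer passwords that merely embed the login, e.g. jim -> jimmy2002
    if len(login_stem) >= 3 and login_stem in low_pass:
        return "contains login"
    return None


def screen(signups):
    """Count refusal reasons over (login, password) sign-up attempts."""
    return Counter(reject_reason(login, pw) or "accepted"
                   for login, pw in signups)


# Constructed sign-up attempts covering each pattern from the paragraph above.
SAMPLE = [
    ("james", "james"), ("james", "james1"), ("james", "james69"),
    ("james", "semaj"), ("James", "JAMES"), ("bob", "1234"),
    ("mickey", "mouse"), ("jim", "jimmy2002"),
    ("james", "T7#vq-long-phrase"),
]

if __name__ == "__main__":
    for login, pw in SAMPLE:
        print(f"{login}:{pw} -> {reject_reason(login, pw) or 'accepted'}")
```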

Maintenance:
It is important to attend to your lists regularly. Your leech list needs to be updated frequently. You need to continue to add to your Personal Combo List as well as all the passwords you gain to your single lists and your hits to your Hit List. A very good idea is to swap password lists with other hackers. If you are already friendly with them organise a swap, then everyone benefits because you both extend your wordlists. A very good tool for maintaining your wordlists is called Raptor. Madmax has recently released Raptor II. This program is an extremely fast and reliable tool that you will find yourself using repeatedly to build specific lists for sites as well as maintaining your existing lists. Your lists will inevitably contain duplicates of the same password, Raptor II removes these dupes with barely any effort at all. Raptor will sort your lists alphabetically and provide you with numerous options to make alterations to your wordlists such as adding a '1' to the end of the password or '69' etc.... It is best if you explore this program by yourself. For now don't worry about the various AVS or ALS generators that are included. These are bonuses of the wonderful program that I will cover in a future essay.

Final Words:
Now that you have created your lists don't forget that it is essential that you continue to build and maintain them. Every day I have a good habit of spending time working solely on my wordlists. Wordlists are what will get you hits in the end. The better refined and maintained your lists are the better hacker you will become because the more hits you will receive. In the end it comes down to a good imagination and extreme amounts of patience. Keep practicing and soon I will be discussing more techniques and more advanced examples.


-------------------------------------------------


Advanced Proxy
advanced proxy studies - taken from http://securitysite.host.sk/

subjects discussed here:

1. types of proxies: web proxy, WinSock proxy and Socks proxy
2. very detailed explanation on how http requests are handled through proxies:
3. types of proxy chaining


1. Types of Proxies:
1.1 Web proxy - the well known proxy for the HTTP protocol, used when clients request web
docs from WWW servers with their browsers - IE, Netscape or Opera. Windoze, Apple and Linux
can all use that proxy service.
1.2 WinSock proxy - used by Windoze applications like IRC, NetShow, Real Audio, etc. Both TCP
and UDP are involved.
1.3 Socks proxy - yet other apps using the SOCKS version 4.3.a. Those can include news
readers (the NNTP protocol), email apps (the SMTP protocol), FTP, Telnet, etc. Plenty of info
about Socks at: www.Socks.Nec.com. You can d/l the SocksCap apps from there, too. Use it to
start any program that you use online and it will route everything through the socks server,
giving the socks IP as yours. To set up SocksCap:
go to irc4all and get a list of socks 5 servers


Set SocksCap for socks 5, then exit Settings and click the New button, then click Browse
and look for the program you are going to use, click on it and click Open, then click OK. When
the main window comes back up just click Run and you are ready to go.


2. How exactly are http requests handled through proxies:
2.1 A socket is opened to a port (8080) on some proxy (proxy.meschede.UNI-PADERBORN.de).
2.2 The following lines are sent through this proxy, changing \r with ascii code 13, and \n
with ascii code 10 ;-)


GET http://www.someplace.org/030300.htm HTTP/1.1\r\n
Host: www.someplace.org\r\n
User-Agent: Nozilla 0.99a\r\n
Accept: */*\r\n
\r\n


2.3 I get back the expected html page through the proxy.


If I try to chain another proxy after this one, then point 2.2 would look like:


GET http://another.proxy.com:8080/www.so...org/030300.htm HTTP/1.1\r\n
Host: another.proxy.com\r\n
User-Agent: Nozilla 0.99a\r\n
Accept: */*\r\n
\r\n


but that doesn't seem to work. Why? What's wrong?
My guess is that there's no "port" information on the "Host:" line, so, the first proxy
tries to connect to the default port 80.
Another guess is that the second proxy needs to interpret correctly the whole "GET" line,
to reformat and split the path info into yet another valid "GET" and "Host:" combo.
Extensive info on how proxies work can be found in RFC 2068: ftp://ftp.ripe.net/rfc/rfc2068.txt
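The two guesses above can be checked against how a forward proxy handles the request line: per RFC 2068 section 5.2, a proxy that receives an absolute URI takes host and port from that URI and ignores the Host header, then sends the remaining path on as an ordinary request. The Python below is an added example, not part of the original text; `proxy_hop` is a hypothetical model of that step and the `.example` hostnames are constructed.

```python
from urllib.parse import urlsplit


def proxy_hop(raw):
    """Model one HTTP forward proxy handling one request.

    Returns ((host, port), request_sent_onward) for a proxy request, or
    (None, reason) when the request line is not addressed to a proxy.
    """
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = [tuple(part.strip() for part in line.split(":", 1))
               for line in lines[1:]]
    if not target.lower().startswith("http://"):
        # Origin-form target: the receiver treats it as one of its own paths.
        return None, "origin-form target, handled as a local path: " + target
    url = urlsplit(target)
    port = url.port or 80          # port comes from the URI, not from Host
    path = (url.path or "/") + ("?" + url.query if url.query else "")
    authority = url.hostname if port == 80 else f"{url.hostname}:{port}"
    # The proxy writes a fresh Host header from the URI and drops the old one.
    out = [f"{method} {path} {version}", f"Host: {authority}"]
    out += [f"{name}: {value}" for name, value in headers
            if name.lower() != "host"]
    return (url.hostname, port), "\r\n".join(out) + "\r\n\r\n"


# Constructed request in the shape of the chained attempt shown above.
CHAINED = (
    "GET http://second-proxy.example:8080/origin.example/page.htm HTTP/1.1\r\n"
    "Host: second-proxy.example\r\n"
    "User-Agent: Nozilla 0.99a\r\n"
    "Accept: */*\r\n"
    "\r\n"
)

if __name__ == "__main__":
    next_hop, onward = proxy_hop(CHAINED)
    print("first proxy connects to", next_hop)
    print(onward.replace("\r\n", "\n"))
    # Feed what the first proxy sent into the same logic at the second host.
    print(proxy_hop(onward)[1])
```

The missing port on the Host line is therefore not the cause: the first proxy connects to port 8080 from the URI, and the second host receives an origin-form path that it has no reason to treat as a proxy request, which matches the second guess.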


3. Proxy chaining is primarily supported by DeleGate servers, WinGates, and CGI proxies.


DeleGate is a free proxying software that can be found at
http://wall.etl.go.jp/delegate/. Common proxy portals that use the DeleGate server
software include Magusnet and Spaceproxy. There are many other manual proxies that are
DeleGate servers. A DeleGate server would chain to Altavista like this:
http://128.11.219.251:8084/-_-http://www.altavista.com/


Notice the colon, identified port number, and chain sign


WinGate is also a third-party server software and can be found at http://wingate.deerfield.com/.
The 2.0 versions had default settings that allowed anyone to "bounce off" of the server and
had logging turned off. It allowed not just the http protocol to be proxied through but more
usefully telnet and ftp could be used as well. WinGate is now at version 4.0 and has
tightened up security considerably so these "open servers" are exceedingly rare now.


Many CGI proxies are derived from the original script written by James Marshall. It can be
found at http://www.jmarshall.com/tools/cgiproxy/. The people at Cyberarmy have a simplified
version of the J. Marshall script called the CyberAnonymizer that has been widely distributed.
The Australian Whois.com.au/ uses the CyberAnonymizer.


Other CGI proxies include Anonymizer and other common web-interface proxies many people are
more familiar with.


Each class of proxy has its own chain syntax convention.


Some web-interface proxies chain like this:
http://invis.free.anonymizer.com/htt...altavista.com/


Some CGI proxies chain by adding cgi paths to the URL like this:
http://isecure.dreamhost.com/nph-a2.....altavista.com


Some experiments that you may find helpful.


I entered '127.0.0.1:8080' into the 'manual proxy' field and tried to reach as url
'http://mysite.com/index.htm'


Here is what my Netscape actually sent:


GET http://mysite.com/index.htm HTTP/1.0
Proxy-Connection: Keep-Alive
User-Agent: Mozilla/4.51 [en] (Win98; I)
Host: mysite.com
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Accept-Encoding: gzip
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8


Now if I enter as url the following :
http://myproxy.com:8080/mysite.com/index.htm


I get :


GET http://www.myproxy.com:8080/mysite.com/index.htm HTTP/1.0
Proxy-Connection: Keep-Alive
User-Agent: Mozilla/4.51 [en] (Win98; I)
Host: www.myproxy.com:8080
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Accept-Encoding: gzip
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8


As you can see, the Host header does include the :8080


So, to summarize, I think the origin of the problem may be your second guess, which is
confirmed by NME: it depends on how proxies must be chained together.


It should maybe be useful to find out some 'syntax' on how web proxies should be used ...

2) "Direct sock connection" Problem.- Really I don't know how this is done but indeed it works,
the procedure seems to override any usual protocol used to access the web page (HTTP, FTP,HTTPS)
so proxies set for covering those protocols become useless.
Solution.- SOCKS field into proxy section on browser configuration never should be blank. Best
option is having a true working Socks proxy (port 1080), then it will be the Socks proxy's IP
what a malicious page would be able to get. Unluckily, socks proxies are hard to find but still
there is a solution: write an impossible "dummy" IP into the SOCKS field such 999.999.999.999
(port 1080) then the malicious code will provoke a connection error.
It's important to understand this: When you set a Socks proxy it will take care of all those
protocols not covered by other proxies. For instance, if you have configured just an HTTP
proxy and a working SOCKS proxy, if you try to access a ftp:// or https:// page, connection
will be done through the socks proxy, so providing a fake one you'll always obtain an error.
Then, if dummy socks, you'll have to cover FTP and Secure (HTTPS) fields using a working proxy.
Many usual HTTP proxies also cover those two protocols, try to copy the HTTP settings in FTP
and Secure fields, access some ftp:// and https:// pages and prove all is working fine. Or,
A4proxy (http://www.inetprivacy.com/) allows you to check the anonymity of a proxy and will inform you
if it supports both HTTPS and FTP as well (Enable "Check for FTP/HTTPS Support on Reset data"
on Proxy Options tab and "Reset Data" on Proxy Check tab before testing a proxy).


Chaining Proxies - by unknown

Chaining Proxies and Wingates

Introduction: This is a tutorial on chaining proxies for the use of becoming more anonymous while online. There aren't enough tutorials online about this subject so I decided to make an attempt at writing one. Since it's on the subject, I included a section on chaining wingates to become anonymous on telnet.


*************************
I'm going to assume that most of you have already used a proxy before to hide your real IP address or domain or maybe just used one to surf anonymously online. If you didn't, well hopefully you can keep up and possibly learn how to use a proxy. It's also best if you know what an IP address or Domain is first, before reading this tutorial. Hmm, I guess I have to show you where to find a proxy too. Well I find that good, updated proxy websites are...

http://www.multiproxy.org/anon_list.htm
http://tools.rosinstrument.com/proxy/

It will be up to you to figure out which ones work or not. I'm not going to do all the work for you :-). You can check and see if the proxy works by going to http://www.privacy.net to see if your IP address changed.

*************************


Proxy Servers
A proxy is a server that acts as a gateway between your computer and your destination (website, IRC chat, etc.). These proxies receive requests from users to view, for example, a web page. The proxy will then forward the request to the internet, find your requested page, then send the web page back to you, the user. Most proxies come with a cache (sounds like "cash") feature that saves former websites that were visited on that proxy. Think of cache as a proxy's storage room. Each site that you make the proxy visit, it saves in its own storage area (cache). So if the user or someone else requests the same site again later on, the proxy will go back into its cache, find the web page and send it back to the user. This saves time because the proxy doesn't have to go search the Internet for the web page. It just pulls the site out of its cache.

The use of proxies to stay anonymous is a favorite thing to do among people on the Internet who are either paranoid or just security conscious. The anonymity factor comes from the proxy's ability to hide your true Internet address. For example, if I were to run a scan on your computer right now, I would get the Internet address that was given to you by your ISP (internet service provider), but if I were to scan you while you were using a proxy, then I would get the Internet address of the proxy server. Basically the whole proxy picture looks like this...


[User]>>>>>[Proxy]>>>>>[Web Pages]


Simple enough, right? Right. So now let's get to the chaining part.


Proxy Chaining
Proxy chaining is merely connecting to more than one proxy and then to your intended destination. You can use as many proxy servers as you can or want. The more you have, the more anonymous you will be. Remember, it doesn't matter how many proxies you chain together, you will never be 100% anonymous. Let's look at an example...


[User]>>>>>[Proxy1]>>>>>[Proxy2]>>>>>[Proxy3]>>>>>[Proxy4]>>>>>[Destination]


The example shows that for a proxy chain to be created, the user must first connect to Proxy1. Once the user is connected to Proxy1, from Proxy1, the user will connect to Proxy2, from Proxy2, the user will connect to Proxy3, from Proxy3, the user will connect to Proxy4, from Proxy4, the user will then connect to the intended destination (web page, Unix server, ftp server, etc.). All together we have 4 proxies in this example. Each proxy is a link in the chain. If the user would be scanned while on the proxy chain in the example, the IP address or domain of Proxy4 would appear on the scan. Now the problem with proxies is they tend to "die out" in a few weeks or less. It all depends. So if Proxy2 were to cease functioning, the chain wouldn't work. You would need to get rid of Proxy2 and just use Proxy1, Proxy3, and Proxy4 or find another proxy to take Proxy2's place. This is why proxy chaining can be a real pain if you are using them just to surf the net. If one dies, you have to figure out which one is the one not working, so you have to go through each one to check them or until you find the one that isn't working.

Proxy chaining is a necessity if you plan on using proxies to execute a "hack". If you are attempting to gain unauthorized remote access to any server, whether it is through telnet, ftp, or http, chaining is a must. As I said, you will never be 100% anonymous no matter what you do online so it is possible that you still can be tracked even if you chain proxies. Chaining just makes it a lot harder to track someone. To make it even harder, it's best to use foreign proxies because if someone wanted to trace you, they would need to get logs of your use of each proxy from each proxy administrator. This could take quite a while or even never at all if one of the proxies, or all for that matter, belong to an admin in a country that isn't too fond of the country you are located in. The longer it takes for the authorities to subpoena the logs of your usage of a single proxy from that proxy's administrator, the more chance that the other proxies that you used in the chain will have their logs deleted by the time anyone gets to the server administrators of those proxies. So when attempting to do any kind of "hack", it's best to use at least five or six proxies in a chain.


HTTP Chaining
HTTP chaining is basically chaining a proxy server in your browser's address bar. Example...


http://proxy.magusnet.com/-_-http://www.google.com


Notice how the above proxy and destination (yahoo) are separated by a (-_-). If you wanted to make a chain out of this you would simply add another proxy ex. ( http://proxy.server1.com/-_-http://p...estination.com)

Another way to use proxies in your address bar is by adding the proxy IP or domain then the port number. Example...


http://anon.free.anonymizer.com:80/h...www.google.com


Notice how the above proxy and destination server are separated this time by a (/) forward slash instead of a (-_-) dash, underscore, dash. To make a chain out of this you would again simply add another proxy ex. ( http://proxy1:80/http://proxy2:80/pr.../www.yahoo.com)


Browser Chaining
To browser chain is fairly easy. I'll use Internet Explorer as an example since I believe it is the browser that most people have and use. First you need to find the Internet Options. You can do this by either finding the Explorer icon on the desktop, right click on it, then press properties or if you have a browser window already opened if you are online then you can go to Tools (or sometimes it's View) and press Internet Options. Now that you have the Internet Options window up you can now go to the Connections tab, then go to the first Settings button (not LAN Settings, the one above it) and click it. Now you should be in the Settings box. Put a check in the box where it says to Use a proxy server. Now if you wanted to surf using one proxy you would merely put the proxy in the Address: space and put the proxy's port number in the Port: space. To use a chain here you would put in a proxy along with a ":" colon then the port number followed by a space separating the next proxy then a ":" colon then the port number then a space and so on. The last proxy you add should have its port number placed inside the Port: space. If you did it, then it should look like this exactly...


Address: 213.234.124.23:80 121.172.148.23:80 143.134.54.67 Port: 80


***Notice that each proxy:port is separated by a space and that the last proxy has its port number placed in the Port: space. Do not check the box marked "Bypass proxy server for local addresses". Press OK when you see that everything is in working order***


Wingates
A wingate is a proxy server that someone installs onto his/her computer which allows for a single or multiple online connection to take place through port 23, the default telnet port. Depending on their security, some wingates will allow anyone online to connect to them and usually stay "alive" or "working" anywhere from a few days to even months. There are people out there that scan for these Wingates and post the computer's IP number or domain on their website to give anyone online a free list of them to use. You can also scan them yourself by using programs like WinScan.


Chaining Wingates Using Telnet
I'm going to assume you already know what telnet is so I will just get right down to it. To chain using telnet, you would first bring up the DOS prompt and type in "telnet" then your wingate. (Since telnet's default port is 23 and all wingates run on port 23, the port number is not necessary but I will add it just to show you how you should type any port number out on screen) Example...


C:\WINDOWS>telnet 61.133.119.130 23


So now you have "telnet", a space, the wingate IP, a space, then the port number 23. Once you are connected to the wingate it should look like this:


Wingate>


Now you would type your next wingate and port number in, then press Enter, like so:


Wingate> 203.207.173.166 23


You can continue to do this until you have connected to as many wingates as you need. Once you are finished with your wingates, you would connect to your destination. Example:


WinGate>arbornet.org


So now the entire picture would look something like this:


C:\Windows> telnet 61.133.119.130 23

Wingate>203.207.173.166 23

Wingate>135.245.18.167 23

Wingate>m-net.arbornet.org
Connecting to host arbornet.org...Connected
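Seen from the network owner's side, a chained wingate shows up as a host that accepts a telnet connection and seconds later connects onward to a third host. The following is an added example, not part of the original tutorial: it flags that pattern in flow records and rebuilds the chain. The log format, the sample records, the 30-second window and all function names are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed flow records (time, source, destination, dest port); RFC 5737 example addresses.
SAMPLE_FLOWS = """\
2024-05-01T10:00:00 198.51.100.7 192.0.2.10 23
2024-05-01T10:00:04 192.0.2.10 203.0.113.20 23
2024-05-01T10:00:09 203.0.113.20 203.0.113.99 23
2024-05-01T10:05:00 192.0.2.50 192.0.2.60 23
2024-05-01T11:30:00 192.0.2.60 192.0.2.70 443
"""

WINDOW = timedelta(seconds=30)  # assumption: the onward hop follows the inbound one quickly

def parse_flows(text):
    """Parse 'ISO-time src dst dport' lines into sorted tuples; skip malformed lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue
        flows.append((datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])))
    return sorted(flows)

def find_relays(flows, port=23, window=WINDOW):
    """Return (client, relay, next) for hosts that accept `port`, then connect onward in time."""
    hops = []
    for t_in, client, relay, p_in in flows:
        if p_in != port:
            continue
        for t_out, src, nxt, _ in flows:
            if src == relay and nxt != client and timedelta(0) <= t_out - t_in <= window:
                hops.append((client, relay, nxt))
    return hops

def rebuild_chains(hops):
    """Join overlapping (client, relay, next) hops into full paths."""
    relays = {relay for _, relay, _ in hops}
    chains = []
    for client, relay, nxt in hops:
        if client in relays:  # this hop continues a chain, it does not start one
            continue
        path = [client, relay, nxt]
        while True:
            follow = [n for c, r, n in hops if c == path[-2] and r == path[-1]]
            if not follow or follow[0] in path:
                break
            path.append(follow[0])
        chains.append(path)
    return chains
```

A host reported as a relay is offering its telnet proxy to outside clients; restricting that service to internal addresses or disabling it takes it out of such chains.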



*************************************************************************************
NEWS UPDATE:

Hello everybody ,

Since I started learning SQLi, I have collected lots of good tools and documents, and I'm still collecting more and more day by day as my scope of knowledge is increasing.
So I thought of sharing what I have collected till now with everyone here.
My tool pack includes the following things.

DOWNLOADS :

SQLI SCANNER PACK : http://adf.ly/6tth
MD5 tools pack : http://adf.ly/6tuV
ADMIN FINDER : http://adf.ly/6tuk
SQLI TUTORIAL PACK : http://adf.ly/6tuw
DORKS PACK : http://adf.ly/6tv7
SHELLS PACK : http://adf.ly/6tvD

DON'T DOWNLOAD IF YOU DON'T KNOW WHAT FALSE POSITIVE VIRUS ALERTS ARE

1) SQLi scanner/automating injection pack:
Contains 5 programs for scanning and automating the hacking process.

(a) Exploit scanner - for finding websites with dorks, and testing them for vulnerabilities. Very famous.
(b) Turkish ARTA - same as Exploit scanner but not as famous bcos it's Turkish. I find it better than Exploit scanner, but that's my personal opinion.
(c) Havij 1.12 free version: I guess everyone knows about it. It automates the process of performing an SQLi attack on any site.
It is extremely famous and efficient, but still it's a tool :) nothing compared to the manual process.
(d) SQLI helper 2.7: same as Havij, but a little faster.
(e) sqlinj Version 2 - another nice SQL injection tool. I will write a tut later on how to use this tool.

2) ADMIN Finder pack:
After getting the logins from the database, one needs to get the admin finder page. For some sites it's very easy, while for some sites it's hellova tough.
Here are some nice admin finder tools and lists that u may use, but these tools are never enough. I will keep uploading the admin finder lists as I get more.

(a) reiiuke admin finder (u can update the original admin finder lists with the list I am providing)
(b) 5 Perl and Python admin finder tools/scripts. Update them as per ur need.
(c) misc software: admin pass locater, to brute force the admin pass if u can't find it

YOU MIGHT ALSO LIKE THIS SITE
http://th3-0utl4ws.com/tools/admin-finder/

3) DORKS Pack: Contains many files containing more than 7000 dorks.

4) Shells: this pack contains many shells and source codes, like c99, c100, jackel and hellova more
(many shells like c99 are identified as trojans by many antivirus programs, so u might find ur antivirus shouting about this pack.)
U might also wanna see this site:
http://www.kinginfet.net/shells/

5) MD5 cracking tools: although Havij has an md5 tool, for some reason it never worked for me, so this pack contains some tools.
ALSO, THESE SITES WILL PROVE A GREAT HELP TO YOU
http://www.md5decrypter.com/
http://www.md5decrypter.co.uk/
http://md5.rednoize.com/
http://md5decryption.com/
http://passcracking.com/
http://www.xmd5.org/
http://www.md5cracker.com/index.php
http://md5.noisette.ch/index.php
http://md5cracker.org

6) SQLI tutorials pack: This pack contains complete HTML pages of SQLi tutorials that I found useful from various forums and websites like hackforum, elitesoft, warex, outlaws etc. I bet every newbie will love this pack.
U just need a Firefox browser to open these HTML files.
NOTE: this pack also contains 2 SQLi help files which I created myself; they serve me as a very useful document whenever I'm on to hack some site.

I will keep updating these packs as I learn and collect more and more.
