How to Crack Accounts Using Bruteforce
Brute force attacks are among the most commonly used attacks for compromising
online accounts. They have been known for decades, yet they are still actively
used. In this tutorial I will demonstrate how a brute force attack on web forms
is carried out with a popular and powerful tool called Sentry MBA.
This tutorial is divided into 6 parts:
1) Cracking Terms and some theory
2) Tools Needed
3) Gathering Combos
4) Gathering Proxies
5) Testing Proxies
6) Making Config and Cracking
1) Cracking terms and some theory:
Dictionary Attack: A dictionary attack is a method of hacking into a
password-protected computer, server or account by systematically entering
every word in a dictionary (wordlist or combolist) as a password and/or
username.
Wordlist or Passwordlist: A list of words that is used for cracking hashes
(encrypted text) or logins that require only a password, for example cracking
the password of a protected shell like c99.
Combo List: A list of usernames and passwords joined together, in the format
username:password or email:password.
Proxy List: A list of proxies. And why do we need proxies? Because
some sites ban an IP if it exceeds the total number of failed login attempts.
Proxies are of 3 types: Transparent, Anonymous and
High-Anonymous. I recommend using Anonymous or High-Anonymous proxies.
Failure Key: One or more keywords that a website shows upon a failed login
attempt. For example, "Incorrect Username or Password" or "Login Failed".
Success Key: One or more keywords that a website shows upon a successful
login. For example, "Welcome [username]" or "Logout".
Ban Key: One or more keywords that a website shows when an IP has reached the
maximum number of logins allowed. For example, "You have reached the maximum
number of login attempts allowed, please try again after [x] number of mins or
hours", where x can be any number depending upon the site.
2) Tools you will need:
EZLeecher V3.0.3a beta #2 (LV) - For gathering combos
Note: Combos leeched by EZLeecher are suited for cracking
porn sites.
Proxy Grabber - For gathering proxies
Proxy Tester - For testing whether proxies are valid or not
Sentry MBA - For making config and the actual cracking
3) Gathering Combos:
Open up EZLeecher and click on 'Start leeching'. Combos will start to leech,
and it’s up to you how many combos you want to gather. The number of combos
leeched is shown in "Items in DB". Just click on 'Stop leeching' when you feel
that you have gathered enough combos.
Now you may either export the whole database or filter out combos for the site
you are going to crack. This can be done by clicking on ‘search database (by
URL,keyword)’ and then typing in your website name. For example, I searched for
‘wantedgfs’. This was the result:
This resulted in all the combos for wantedgfs being listed. Now, in order to
remove the @site.com, just tick ‘Combo output’ and search again, then copy and
paste them into a text file. If you didn’t get any combos for your specific
site, then just export all the combos.
4) Gathering Proxies:
Note: Some sites allow unlimited login attempts and don’t ban IPs. Therefore,
those sites don’t require any proxies.
Open up Proxy Grabber and click on ‘Start’. It will start
grabbing proxies. Stop when you think you have enough proxies. Now click on
‘Remove Duplicates’ and then ‘Save to File’.
5) Testing Proxies:
Open up ProxyTester.exe and then paste the login or members page URL where it
says ‘Member URL’. Now click on ‘Title’ and the tool will extract the title of
the login page. Tick ‘Judge’ and ‘Use GeoTagIp’. Next, load the proxies that
you gathered into ProxyTester and finally click on ‘Start Test’, and it will
start checking proxies.
6) Making Config and Cracking:
Open up Sentry MBA and paste the login URL where it says
‘Site’ on the top. Now under ‘settings’ open ‘HTTP Header’ and then change the
request method to ‘GET’ if your site is using basic authorization (also called
pop-up logins). If the site is using HTML form based logins like most modern
websites then tick on ‘MW’ and then click on the little wand icon above. Now Master
Wizard should have opened. Click on ‘Analyze Login Page’ and then ‘Use Data’ as
demonstrated below:
Next, head over to the ‘Fake Settings’ tab, uncheck ‘Enable AfterFingerPrint’
and check ‘Follow Redirects’.
Now head over to the ‘Keywords’ tab, check ‘Define Failure Keys’ under source
key phrases, and then add a failure key by right-clicking and selecting
‘Add (Basic)’ as shown below:
Under ‘Lists’, head over to the ‘wordlist’ tab and load your combo list. Now
head over to ‘Proxylist’ and load your tested proxy list.
Finally, under ‘Progression’, click on ‘Start’ and let the software do its job.
Some combos will be listed in the ‘To Check’ tab. Right-click on those combos
and select ‘View bot debug in default text editor’. This will show the source
code received after attempting the login with that combo. Examine the source
and look for success keys and ban keys. After finding the success and ban
keys, copy and add those keywords to their respective areas and check ‘Enable
AfterFingerPrint’. When done, save the settings and start the cracking process
again. This time successful logins will be stored in the ‘Hits’ tab, and
proxies will be banned if there is a ban keyword match.
Note: Not all sites can be cracked by this method. Some require the OCR stage
to be configured in the Master Wizard and some require MD5 encrypt. Basic sites
can be cracked though.
FAQ:
1) Can I crack Facebook accounts with this method?
No, you can’t. Facebook has brute force protection.
2) Can I crack Steam accounts with this method?
Yes, but it is very difficult to make a config for it. Few people know how to
make a config for Steam, and they keep it private.
3) How to protect against this attack?
Block an account temporarily if there are lots of failed login attempts on it,
and add a captcha after X number of wrong login attempts, where X can be any
number you prefer.
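The account-side throttle described in this answer, as an added example that is not part of the original post: failures are counted per account rather than per IP, because the proxy lists described earlier spread the attempts across many addresses. The `LoginGuard` class, the thresholds and the replayed events are assumptions made for illustration.

```python
from dataclasses import dataclass, field

CAPTCHA_AFTER = 3     # assumed "X": wrong attempts after which a captcha is required
LOCK_AFTER = 5        # assumed: failed attempts that trigger the temporary block
LOCK_SECONDS = 900    # assumed: how long the account stays blocked
WINDOW_SECONDS = 600  # assumed: failures older than this no longer count

@dataclass
class LoginGuard:
    failures: dict = field(default_factory=dict)      # account -> failure times
    locked_until: dict = field(default_factory=dict)  # account -> unlock time

    def _recent(self, account, now):
        kept = [t for t in self.failures.get(account, []) if now - t < WINDOW_SECONDS]
        self.failures[account] = kept
        return kept

    def check(self, account, now):
        """Decide, before the password is verified, how to treat this attempt."""
        if now < self.locked_until.get(account, 0):
            return "locked"
        if len(self._recent(account, now)) >= CAPTCHA_AFTER:
            return "captcha"
        return "allow"

    def record(self, account, success, now):
        if success:
            self.failures.pop(account, None)
            return
        recent = self._recent(account, now) + [now]
        self.failures[account] = recent
        if len(recent) >= LOCK_AFTER:
            self.locked_until[account] = now + LOCK_SECONDS
            self.failures[account] = []

def replay(events):
    """Replay (time, ip, account, success) tuples; return the decision per attempt."""
    guard, decisions = LoginGuard(), []
    for now, _ip, account, success in events:
        decision = guard.check(account, now)
        decisions.append(decision)
        if decision != "locked":  # a locked attempt never reaches the password check
            guard.record(account, success, now)  # captcha assumed solved (worst case)
    return decisions

# Constructed sample: seven wrong guesses for one account, each from a different
# proxy IP (documentation range), then the real owner logging in after the block.
EVENTS = [(i * 10, f"198.51.100.{i + 1}", "alice", False) for i in range(7)]
EVENTS.append((1000, "203.0.113.7", "alice", True))
```

Calling `replay(EVENTS)` shows the captcha appearing on the fourth attempt and the block on the sixth, even though every attempt came from a different IP.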
Happy Hacking :)