07 August, 2022 - 07:07 AM
Reply
thanks
(17 July, 2022 - 02:27 AM)CDSG Wrote: Show More
IntroductionShow ContentSpoiler:What is this?This is a full cracking guide, i will teach you all the basics of cracking / pentesting.
Are you gonna give the tools?
Yes, i'm gonna post all the tool links.
This guide was helpful, how i can help you?
Just leave a like and comment something positive.
Terms / Concepts
Show ContentSpoiler:
CPM
Check Per Minute, how many accounts has been checked in the minute
Combos | Wordlist | CombolistCombination of Email:Pass, User:Pass (Can be another type but still calling ComboList / WordList)Proxy (Proxies in plural)A web proxy server, also known as a proxy is an application-level gateway, a server sits between you and the Internet. The proxy server is replacing that data and that way hiding you in a web.Protocols:HTTP, HTTP/S, SOCKS4, SOCKS5
(The best are HTTP and HTTP/S but depends on the supplier)Header Fomats:
IPV4
(Good for normal targets)
IPV6
(Good for mail targets but the most of pages do not support this protocol)Type of proxies:
Datacenter
Datacenter Proxies are proxies that are not affiliated with an Internet Service Provider (ISP). They come from a secondary corporation and provide you with completely private IP authentication and anonymity.
Residential
Residential proxies allow you to choose a specific location (country, city, or mobile carrier) and surf the web as a real user in that area. Proxies can be defined as intermediaries that protect users from general web traffic. They act as buffers while also concealing your IP address.
(These are the best type of proxies)
Rotative
Changes the ip's every "x" time or per request
The ip's come from a IP pool with millons of IP'sStatic
Don't change the IP
Sticky
DataCenter proxies that changes per session / time
Config
Openbullet configuration, works with the "Loliscript (The code with the API, instructions and etc..)Checker
Same as configs for openbullet but in .exe formatDumper (SQL)
SQL injection tool that scans web applications for SQL injection vulnerabilities that scans the vulns and exploit them
(You can get combos from this way, and SQL exploit isn't the only option, you have another type of injections like LFI or RFI)
Google Dorking
Google Dorking or Google hacking refers to using Google search techniques to hack into vulnerable sites or search for information that is not available in public search results.
Dork Parser
Tool that uses Google Dorks to get URL's using the google query
Vuln Scanner
Vulnerability Scanner, check the vulnerabilty of a website.
you need URL's for this
Some databases that could be vulnerable can be:MySQL
MsSQL
PostgreSQL
Access
Oracle
SQLite
HSQLdb
Informix
Frontbase
Derby
FirebirdHow to start?
Show ContentSpoiler:First of all you need to get a checker or OpenBullet.
You can get OpenBullet in github or just click here
I like more "SilverBullet" than Openbullet, but is my opinion.
You can get OpenBullet configs in Config Section or buy configs in Sellers Marketplace
Remember:
Most of OpenBullet Mods (Like SilverBullet) have their own extension
Default extension for OpenBullet config is ".Loli", Extension for SilverBullet is ".SVB", Extension for Anomaly is ".Anom", Extension for CyberBullet is ".CYB"
After you get some configs, drag all of them to the Configs Folder (Follow the video)
Rescan to get your configs
Get some Combolists and add to your openbullet
Follow the video
Get Proxies and add to your openbullet
Follow the video
Make a runner and start checking!
The bots are the threads, more threads = More PC usage (RAM and CPU) but gives more CPM
Follow the video
How do i make my own combolist
Show ContentSpoiler:You have two options for this
1.- Leaching
2.- Dorking
The first way is easy and everybody can do it
Leaching Tutorial
You will need:
Leaching keywords:
Something like
Minecraft combos
Combos 2022
Best combos
@
Keywords related to combos / accounts of your target
Leaching keywords target COMBOLISTS on pastesites. search engines index these pages based on their text content so searching words commonly found In combolists is ideal
With your Leaching Keywords you will need a Leecher (Leacher Combolist)
Add the keywords to your leecher and start scrapping, it's all to get your combolist
The second way is kinda hard to do
Dorking tutorial (Basic things)
Part 1
Dorking basics
You will need:
Parameters
Pagetypes
Keywords (not the same as leaching)
Domains
Dorktypes
Parameters:
gameid
game_released
game_name
game_id
Pagetypes:
.php
.asp
Keywords:
Not need to mention your target directly or have "combolists, cracking, etc...)
Example:
If i want to get Porn Combos i need to type something like:
Vintage Blowjob
Hot videos
etc....
Domains:
.com
.net
Dorktypes:
The file who "mix" all (The format)
(kw) ext:php inurl:php.PP=
Get a dork maker, select all your files and make your own dorks!
Part 2
Parsing & Vulns
Get a parser, select your dorks and parse with your favorite engine, then you will get URLS
(Don't use Ask / Others random engine if your dorks are not Ask Syntax Dorks)
Get a Vuln Scanner and scan your urls to search vulnerable DB's
Get a Dumper and Start Dumping!
(Check this guide to learn how to dump, im lazy to explain here)
This isn't even the half of all, if you want to contribute just left a like.
