30 November, 2022 - 03:22 AM
Reply
(17 July, 2022 - 02:27 AM)ApolloONTop Wrote: Show MoreIntroduction
Show ContentSpoiler:What is this?This is a full cracking guide, i will teach you all the basics of cracking / pentesting.
Are you going to give the tools?
Yes, i'm gonna post all the tool links.
This guide was helpful, how i can help you?
Just leave a like and comment something positive.
General Concepts
Show ContentSpoiler:CPM
Check Per Minute
The amount of accounts checked in one minute
Combo / Wordlist
Combination of Email:Pass, User:Pass
(Can be another type of combination but still named Combolist)Proxy / Proxies
A web proxy server, also known as a proxy is an application-level gateway, a server sits between you and the Internet.
The proxy server is replacing that data and that way hiding you in a web.
Proxy Protocols
HTTP, HTTP/S, SOCKS4, SOCKS5
Network layers
IPV4, IPV6
Type of proxies
Cracking ConceptsShow ContentSpoiler:Datacenter
Datacenter Proxies are proxies that are not affiliated with an Internet Service Provider (ISP). They come from a secondary corporation and provide you with completely private IP authentication and anonymity.
Residential
Residential proxies allow you to choose a specific location (country, city, or mobile carrier) and surf the web as a real user in that area.
Proxies can be defined as intermediaries that protect users from general web traffic.
They act as buffers while also concealing your IP address.
Rotative
Changes the IP's every "x" time or per request
The IP's changes using the IP pool from your supplier.
Static
Do not change the IP per request or time.
Still as original IP from start.
Sticky
DataCenter proxies that changes per session / time
Show ContentSpoiler:
Config
OpenBullet configuration
it uses the API, headers and requests to get your hits.
Checker
Same function as a openbullet configuration
Can be customized with custom threading, format and more.
Dumper (SQL)
Tool used to exploit the SQLI vulnerability.
Used to get Rows from Databases
A.K.A Combos.
Google Dorking
This refers to using Google search techniques to hack into vulnerable sites or search for information that is not available in public search results.
Dork Parser
Tool used to parse URL's to get vulnerables websites using the google query.
Vuln Scanner
SQL vuln scanner used to get Vulnerable Website with SQL injection exploit.
Example of vulnerable DataBases
How to start?
Show ContentSpoiler:First of all you need to get a checker or OpenBullet.
You can get OpenBullet in github or just click here
I like more "SilverBullet" than Openbullet, but is my opinion.
You can get OpenBullet configs in Config Section or buy configs in Sellers Marketplace
Remember:
Most of OpenBullet Mods (Like SilverBullet) have their own extension
Default extension for OpenBullet config is ".Loli", Extension for SilverBullet is ".SVB", Extension for Anomaly is ".Anom", Extension for CyberBullet is ".CYB"
After you get some configs, drag all of them to the Configs Folder (Follow the video)
Rescan to get your configs
Get some Combolists and add to your openbullet
Follow the video
Get Proxies and add to your openbullet
Follow the video
Make a runner and start checking!
The bots are the threads, more threads = More PC usage (RAM and CPU) but gives more CPM
Follow the video
Combolist Section
Show ContentSpoiler:You have two options for this
1.- Leaching
2.- Dorking
The first way is easy and everybody can do it
Leaching Tutorial
You will need:
Leaching keywords:
Something like
Minecraft combos
Combos 2022
Best combos
@
Keywords related to combos / accounts of your target
Leaching keywords target COMBOLISTS on pastesites. search engines index these pages based on their text content so searching words commonly found In combolists is ideal
With your Leaching Keywords you will need a Leecher (Leacher Combolist)
Add the keywords to your leecher and start scrapping, it's all to get your combolist
The second way is kinda hard to do
Dorking tutorial (Basic things)
Part 1
Dorking basics
You will need:
Parameters
Pagetypes
Keywords (not the same as leaching)
Domains
Dorktypes
Parameters:
gameid
game_released
game_name
game_id
Pagetypes:
.php
.asp
Keywords:
Not need to mention your target directly or have "combolists, cracking, etc...)
Example:
If i want to get Porn Combos i need to type something like:
Vintage Blowjob
Hot videos
etc....
Domains:
.com
.net
Dorktypes:
The file who "mix" all (The format)
(kw) ext:php inurl:php.PP=
Get a dork maker, select all your files and make your own dorks!
Part 2
Parsing & Vulns
Get a parser, select your dorks and parse with your favorite engine, then you will get URLS
(Don't use Ask / Others random engine if your dorks are not Ask Syntax Dorks)
Get a Vuln Scanner and scan your urls to search vulnerable DB's
Get a Dumper and Start Dumping!
(Check this guide to learn how to dump, im lazy to explain here)
This isn't even the half of all, if you want to contribute just left a like.
thank you