OP 13 October, 2019 - 11:54 AM
this article covers cracking in general; not a specific program or site.
The scene of cracking has exploded, mostly due to the availability of cracking programs and popularity of websites that cost money. The Internet is filled with predictable and Internet dumb users. With these users comes an opportunity for you to take what is not yours by brute force.
This article is meant to guide you to successfully cracking accounts. So let's get on with it.
The Main Principle of Cracking
One difficult to grasp fact new crackers come to find out is that cracking a particular account is usually difficult. Understanding this fact is a key step in becoming a successful cracker. There's great success in numbers. The more user accounts you have to try and crack, the more likely you'll have success. The reason behind this is simple and logical. If you have a pair of dice, and need to roll snake eyes(two ones), the more tries you have, the better the chance of success.
The main principle of cracking is trying as many valid users(will be covered later) as possible. Despite what others may think, have 10,000 user accounts to try and crack is a much better scenario than having 3 user accounts and 10,000 passwords.
Internet Dumb Users
Most people on the Internet do not take security seriously. There is a misconceived notion about the Internet that it's secure and anonymous. This lack of concern leads to guessable and common passwords. Patterns, common words, and common names are usually likely passwords. These are usually chosen by these users because they're easy to remember. Another common lapse in judgment is the fact that these users usually use the same password for all things they have a password for; bank or credit card accounts, E-Mail accounts, and pretty much anything else you can imagine.
All About Passwords
Choosing passwords to crack with is a critical of your success. Using "tert34g" as a password to crack with is not a good idea. Yeah, there's some small chance that you may achieve one successful attempt with it, but it's a waste of time.
Think about it. What do most people have in common? Names, favorite foods, favorite animals, favorite sports teams, favorite colors, etc. Instead of relying on preexisting password lists, try creating your own. Why? Things change. What was popular last year is no longer popular. MySpace as a password was logical two years ago. Now, most people haven't logged into their MySpace in months. Your unique ideas may provide you great success. Think about what's popular now... Justin Bieber, Obama, or the Miami heat. I bet you never thought of "heat" as a password.
Selective passwords are what I call passwords that are applicable only to a single website. If you're attempting to crack Facebook accounts, passwords like facebook, Facebook, or FACEBOOK are likely to be successful. If you'd like to go further, go into why people use Facebook. You can logically come to the conclusion that people use it for friends, buddies, etc. Those are logical passwords. The web site's name is one of the most common passwords used by users because it's easy to remember, and that same logic applies to every site they have an account with.
Passwords are usually lazy. Most people are too lazy to put any effort into a password, so people will rarely capitalize a password. Any part of the password. Usually, passwords cased like Michelle are rarely successful. The extra motion needed to reach the shift key is usually not a desirable motion for most users. Lowercase passwords are by far the most popular. Uppercase passwords like PASSWORD follow in second, and "properly" cased passwords like "Password" are third.
Name as password = success. One of the most successful method for cracking is using the user name as a password. Bobby's password is possibly bobby, and Janet's is likely to be janet. You can go further, and remove numbers with some programs. Bobby1945's password is possibly bobby, or even boby1945. Again, laziness. Most programs support the use of user name as password, and can remove the letters or numbers from the password for added control.
Research the Website You're Cracking
A lot of sites are becoming critical of their users' passwords. Now, most require a minimum password length, and even have particular rules like they must contain a number. To help with this, I'll explain the most common passwords should these kinds of rule apply.
If a website requires a number, try common passwords, and add a "1", or any other number, on the end. password1, adam1, facebook1 are all quite plausible and lazy(which is what you're going for).
If a website requires a capital letter, try capitalizing the first letter, or all letters: Facebook, Password, PASSWORD, LOVE.
If a website requires a capital letter and a number, try capitalizing the first letter and adding a "1", or any other number, at the end: Password1, Michelle1, Rachel1.
If a website requires a symbol, try an exclamation mark(!) or a period(.) at the end of common passwords: password!, iloveyou., etc.
Research will prevent you from wasting time. If you don't do proper research, and you're cracking a site that requires passwords with a length of more than 4, and you're using "1234" as a password, you're not doing a bit of good other than wasting bits and bytes of bandwidth.
Trying Other Sites with Cracked Accounts
9 times out of 10, a user has at least two accounts with the same password. An ideal situation is when you crack an account, and look in the account information, then find the user's E-Mail address. It's not even 50% likely, but there's a better chance than usual that you know that E-Mail address's password. If and when you access the E-Mail account, it's probable that all other sites the user has registered on has sent him or her an E-Mail. Not many people clean their E-Mail box.
Don't Crack Air; Use Valid Users
If a user account doesn't exist, why would you try to crack it other than to waste time? Understand that like passwords, a lot of user names are common words, phrases, or patterns. bobby1 is more likely to exist than bobby10382.
As of this moment, there are a few program available for validating whether or not accounts exist. I will not discuss or list these programs, but do the research; it's well worth it.
Combos(Password Databases)
Combos, as they are called by most crackers, are lists of user names and passwords that have already been cracked for other sites. These are highly successful, but the success can be short lived if other users have access to the same combo. Programs that search for combos are useful, but as I just stated, the success they give can be short lived. These programs are predictable, by that I mean that they use the same, repetitive collecting mechanism.
Combos are a great asset to cracking, but it can be a gold rush which other users can "steal" your hard work.
Sample List
Here's a small sample password list off the top of my head that will likely be successful:
123456
123456789
abc123
asdf
asdfghjkl
54321
password
password1
lakers
bieber
michael
chris
jesus
money
green
yellow
blue
tiger
puppy
kitten
kitty
james
brandon
michelle
elizabeth
stacy
As you can see, all passwords are common words, or easy to remember patterns.
In Summary
Cracking accounts can be easy; and it can be hard. This all depends on your research and effort before cracking. Success is paved with research.
The scene of cracking has exploded, mostly due to the availability of cracking programs and popularity of websites that cost money. The Internet is filled with predictable and Internet dumb users. With these users comes an opportunity for you to take what is not yours by brute force.
This article is meant to guide you to successfully cracking accounts. So let's get on with it.
The Main Principle of Cracking
One difficult to grasp fact new crackers come to find out is that cracking a particular account is usually difficult. Understanding this fact is a key step in becoming a successful cracker. There's great success in numbers. The more user accounts you have to try and crack, the more likely you'll have success. The reason behind this is simple and logical. If you have a pair of dice, and need to roll snake eyes(two ones), the more tries you have, the better the chance of success.
The main principle of cracking is trying as many valid users(will be covered later) as possible. Despite what others may think, have 10,000 user accounts to try and crack is a much better scenario than having 3 user accounts and 10,000 passwords.
Internet Dumb Users
Most people on the Internet do not take security seriously. There is a misconceived notion about the Internet that it's secure and anonymous. This lack of concern leads to guessable and common passwords. Patterns, common words, and common names are usually likely passwords. These are usually chosen by these users because they're easy to remember. Another common lapse in judgment is the fact that these users usually use the same password for all things they have a password for; bank or credit card accounts, E-Mail accounts, and pretty much anything else you can imagine.
All About Passwords
Choosing passwords to crack with is a critical of your success. Using "tert34g" as a password to crack with is not a good idea. Yeah, there's some small chance that you may achieve one successful attempt with it, but it's a waste of time.
Think about it. What do most people have in common? Names, favorite foods, favorite animals, favorite sports teams, favorite colors, etc. Instead of relying on preexisting password lists, try creating your own. Why? Things change. What was popular last year is no longer popular. MySpace as a password was logical two years ago. Now, most people haven't logged into their MySpace in months. Your unique ideas may provide you great success. Think about what's popular now... Justin Bieber, Obama, or the Miami heat. I bet you never thought of "heat" as a password.
Selective passwords are what I call passwords that are applicable only to a single website. If you're attempting to crack Facebook accounts, passwords like facebook, Facebook, or FACEBOOK are likely to be successful. If you'd like to go further, go into why people use Facebook. You can logically come to the conclusion that people use it for friends, buddies, etc. Those are logical passwords. The web site's name is one of the most common passwords used by users because it's easy to remember, and that same logic applies to every site they have an account with.
Passwords are usually lazy. Most people are too lazy to put any effort into a password, so people will rarely capitalize a password. Any part of the password. Usually, passwords cased like Michelle are rarely successful. The extra motion needed to reach the shift key is usually not a desirable motion for most users. Lowercase passwords are by far the most popular. Uppercase passwords like PASSWORD follow in second, and "properly" cased passwords like "Password" are third.
Name as password = success. One of the most successful method for cracking is using the user name as a password. Bobby's password is possibly bobby, and Janet's is likely to be janet. You can go further, and remove numbers with some programs. Bobby1945's password is possibly bobby, or even boby1945. Again, laziness. Most programs support the use of user name as password, and can remove the letters or numbers from the password for added control.
Research the Website You're Cracking
A lot of sites are becoming critical of their users' passwords. Now, most require a minimum password length, and even have particular rules like they must contain a number. To help with this, I'll explain the most common passwords should these kinds of rule apply.
If a website requires a number, try common passwords, and add a "1", or any other number, on the end. password1, adam1, facebook1 are all quite plausible and lazy(which is what you're going for).
If a website requires a capital letter, try capitalizing the first letter, or all letters: Facebook, Password, PASSWORD, LOVE.
If a website requires a capital letter and a number, try capitalizing the first letter and adding a "1", or any other number, at the end: Password1, Michelle1, Rachel1.
If a website requires a symbol, try an exclamation mark(!) or a period(.) at the end of common passwords: password!, iloveyou., etc.
Research will prevent you from wasting time. If you don't do proper research, and you're cracking a site that requires passwords with a length of more than 4, and you're using "1234" as a password, you're not doing a bit of good other than wasting bits and bytes of bandwidth.
Trying Other Sites with Cracked Accounts
9 times out of 10, a user has at least two accounts with the same password. An ideal situation is when you crack an account, and look in the account information, then find the user's E-Mail address. It's not even 50% likely, but there's a better chance than usual that you know that E-Mail address's password. If and when you access the E-Mail account, it's probable that all other sites the user has registered on has sent him or her an E-Mail. Not many people clean their E-Mail box.
Don't Crack Air; Use Valid Users
If a user account doesn't exist, why would you try to crack it other than to waste time? Understand that like passwords, a lot of user names are common words, phrases, or patterns. bobby1 is more likely to exist than bobby10382.
As of this moment, there are a few program available for validating whether or not accounts exist. I will not discuss or list these programs, but do the research; it's well worth it.
Combos(Password Databases)
Combos, as they are called by most crackers, are lists of user names and passwords that have already been cracked for other sites. These are highly successful, but the success can be short lived if other users have access to the same combo. Programs that search for combos are useful, but as I just stated, the success they give can be short lived. These programs are predictable, by that I mean that they use the same, repetitive collecting mechanism.
Combos are a great asset to cracking, but it can be a gold rush which other users can "steal" your hard work.
Sample List
Here's a small sample password list off the top of my head that will likely be successful:
123456
123456789
abc123
asdf
asdfghjkl
54321
password
password1
lakers
bieber
michael
chris
jesus
money
green
yellow
blue
tiger
puppy
kitten
kitty
james
brandon
michelle
elizabeth
stacy
As you can see, all passwords are common words, or easy to remember patterns.
In Summary
Cracking accounts can be easy; and it can be hard. This all depends on your research and effort before cracking. Success is paved with research.