C R A C K E R S F
A Q
--------------------------==================================--------------------------
Version: 1.0a
Date: 06/09/1999
Contributors: -.-Phañ†om-.-
(your name could me here too)
Founder: PhÖßetøR
--------------------------==================================--------------------------
C R A C K E R S F A Q
-=
Da begin=-
What's an FAQ?
Why is there a FAQ like this
one?
What if I can't find in this FAQ what
I'm looking for?
How can I get a recent
copy of this FAQ?
-=Da basics=-
How can I access an erotic site?
What if I don't want
to pay for that site?
How do ya crack a site?
What kind of crack proggies
are there?
Will you send me a crack program?
Will you crack a site for me?
What's the difference between
hacking and cracking?
What's a "members url"?
Why must I use a proxie
for cracking? It's slows down the process!
Where can I find a good proxie?
How do I make a good word list?
-=Da advanced=-
Should I use a big list or
a small one?
Why must I organise my word lists?
What's the .htaccess trick?
Will you explain how to
get the .htpasswd then?
What's IBill?
What types of IBill sites
are there?
--=Da Begin=-----------------------------------------------------------------------------------
Q: What's
an FAQ?
A: A FAQ (pronounced "fak"-with a short "a")
has two meanings. It can be a "Frequently
Asked Question" or it can be a document full of FAQs.
top
Q:
Why is there a FAQ like this one?
A: We crackers were going totally bogus from all those questions
about "how can I
crack a Xxxwebsite" or "Can you help me with my wordlist".
That's why I wrote this FAQ.
Hope it helps.
top
Q: What
if I can't find in this FAQ what I'm looking for?
A: Send your question to CrackerFAQ@HackerMail.net with subject:
question
top
Q:
How can I get a recent copy of this FAQ?
A: Send your request to CrackerFAQ@HackerMail.net with subject:
crackerfaq. We'll send it to ya then. Or go to the
website were you are reading this.
top
--=Da Basics=-----------------------------------------------------------------------------------
Q:
How can I access an erotic site?
A: Pay for it if it's a pay site, hehe.
top
Q:
What if I don't want to pay for that site?
A: Ask someone to crack it for ya or try to crack it yourself.
top
Q: How
do ya crack a site?
A: That's a big question. But okay, hang on. I'll tell the basics.
You go to
a site where you want top have access to. You click on the members
url and start keying in all the
user combinations you know. E.g. Username: John Pass: Doe. If
you don't want to do it manually, you can
use a proggie then.
top
Q:
What kind of crack proggies are there?
A: A lot! These are the one we know of: HackerTTP, FreeDive/AccesDive,
GoldenEye, WebCracker, Hack
Office (former know as WebHack), WwwHack, Entry, Brutus. Every
program has his own abilities and
features.
top
Q:
Will you send me a crack program?
A: No. We don't send programs. Try to find them your self. If
you are smart enough to crack websites,
then you are smart enough to find a proggie. Try Altavista for
instance :-)
top
Q:
Will you crack a site for me?
A: Sorry bud!. There are many Request boards out there where
you can ask for a pass to a xxx site.
top
Q:
What's the difference between hacking and cracking?
A: Well, as we see it: cracking is using bruteforce
programs to get passwords. Advanced cracking is stealing passwordfiles
using various exploits. Hacking
is gaining root access or similar access to a server an destroy
or alter things there.
top
Q: What's
a "members url"?
A: Follow these instructions and you'll find a members url:
1. Open the site on its main page with your web navigator.
2. Find on that page the clickable
image named "Members" or "Members login". When you have
find it,
just click on it.
3. Immediately, a dialog box will
pop-up. There , click on [cancel]. You'll see a blank page with a
message like "Unauthorized access".
4. At that moment , you'll see in
the Webaddress box that the web location has changed. You'll have
something like : //thesite.com/members/index.htm.
You'll need to copy that area in windows memory.
How ? Select the whole address with your mouse
then press these 2 keys at the same time : [Ctrl] +
[C] keys. Now , that it's in memory ; open your
search tool and copy the address location into it.
How? press 2 keys at the same time [Ctrl] + [V]
keys.
top
Q: Why must I use a proxie for cracking? It's slows down the process!
A: Virtually everything you do on
the internet is recorded in logs. In the identifying "http headers"
that are passed to sites you visit, several identify your internet
address (IP), what kind of software
you're using, the page you've just come from, and lots more
besides. When you request a webpage through
a proxy, it is the proxy which contacts the webpage, so it is
the proxy's identity which is recorded by
the webpage's logs. Proxies which are called "non-anonymous"
may pass on information about your
identity in some headers (HTTP_VIA, HTTP_FORWARDED, HTTP_X_FORWARDED_FOR),
but _all_ proxies substitute
their identity for your's in the crucial REMOTE_HOST and REMOTE_ADDR
headers. According to one
estimate, over 90% of web servers completely ignore the HTTP_VIA,
HTTP_FORWARDED, and
HTTP_X_FORWARDED_FOR headers. In the few cases where they
are logged, an "anonymous" proxy can be
counted on to conceal your identity in those headers as well.
A few proxies, most notably the
Junkbusters and CGIProxies, can block or fake information contained
in the HTTP_USER_AGENT and
HTTP_REFERER, too.
Q:
Where can I find a good proxie?
A: Try http://proxys4all.cgi.net
top
Q:
How do I make a good word list?
A: The best way of making a word list is making you're self.
A real cracker will never give you his word
list. Because he spend alot of time to make one.
top
--=Da Advanced=-----------------------------------------------------------------------------------
Q:
Should I use a big list or a small one?
A: It's not the size what matters, but the quality of your list.
Better is to organise you list. Make
lists for different sites: e.g. Amateurs, bbw lists. Look into
your SITES.DAT (for HackerTTP) and rip
all the user-pass combinations, and put them in the word lists.
Say you have a lot of amateur sites,
store all the user-pass combinations from the amateur sites
into a amateur word list.
top
Q: Why
must I organise my word lists?
A: The reason for that is, if you found a user-pass combination,
the owner of that combination
probably used it for similar sites. People are lazy! That's
a golden rule for making pass lists.
top
Q:
What's IBill?
A: IBill is a electronic payment provider for the internet.
top
Q:
What's the .htaccess trick?
A: It's no trick. Some sites didn't secure their site directory
very well, so it makes you as a cracker
possible to get their password file (.htpasswd, normally).
top
Q:
Will you explain how to get the .htpasswd then?
A: No, try to figure it out yourself. I gave enough information
a bout that part of cracking. This fil
is not a tutorial, but a FAQ.
top
Q:
What types of IBill sites are there?
A: As far as we know there are three types of Ibill sites. But
for all of them
you need to enter valid credit card info in order to determine
which of the
following three types the specific site is.
1) User chosen
These sites are fairly easy to crack - the buyer is allowed
to chose both
the username and the password. I think they both have to be
at least 6
characters long, but I'm not sure yet....
2) username=7 digit number
These sites very are difficult to crack. The username is a computer
generated
7 digit number, but the password is user chosen.
But unless you have a special list for these type of sites it
is very hard
to get hits on these. I mean the odds of you being able to guess
a right 7
digit username/user chosen password are very slim.
3) username&password= 7 digit
number
These sites very are difficult to crack. The username and the
password are
computergenerated 7 digit numbers. Often the the username and
password are
the same 7 digit number, but there are also sites where they
are generated
individually of each other making it virtually impossible to
crack within a
reasonable amount of time.
So unless you have a special list for these type of sites it
is very hard to
get hits on these. I mean the odds of you being able to guess
a right 7
digit username and password are very slim.
top