Before Starting We Will Need Brutus AE2, we can get that from my current site grahamfisher.t83.net if its still up or you can get it from www.library.2ya.com, under webhacks. Okay this tactic will only work with these types of logins, HTTP Basic Authentication), And HTTP (Form), but for this example, lets use a simple site, to steel peoples account from, assparade.com, Alright now getting to the login screen is easy, it should be at the bottom of the page and say â€œMembers Entrance,â€ click on it, Notice, it hides the url, of the login screen, well if youâ€™re a idiot you wouldnâ€™t know how to find the link the in the address bar, although If you are one of those idiots, donâ€™t worry, your learning, so go back, to the place where it gave you the option to click â€œmembers entrance,â€ donâ€™t click on it, what we want to do now, is to do a right click on the members entrance hyperlink, and than click properties, and it should say the url of the login screen which is http://assparade.bangbros.com/, so now your wondering, how the fuck am I gonna get the password, to that, well the awnser is assparade is a highly popular site, with many members, and that means tons of idiots who put their username down as â€œpornâ€, and their password down as â€œcow,â€ so you know brute forcing this site will be easy as shit. So check this out, what we want to do is, open the BrutusAE2, in the target put down assparade.bangbros.com, and type HTTP (Basic Auth), and on the method put Get. Now we need a wordlist because we donâ€™t want to spend a year bruting the adminâ€™s password, just to check out some chicks. So what we want to do is download some word lists from library.2ya.com, so lets download the male nameâ€™s world list, and the female name wordlist. Now what we want to do is plug the male name world list into the the username, and plug the female name word list into the password area, and click start. You should come up with some false results and true results, I got a true result which was, username = â€œAssholeâ€, Password = â€œAbagail,â€ very basic. If the site is using emails as usernames, that will be a problem, unless you want to create a email wordlist, which you can learn to do in the next tutorial.
Related Posts : Hacking