Hacking Basic Web Accounts ~ FUNWORLD
Hacking Basic Web Accounts ~ FUNWORLD

Hacking Basic Web Accounts

Before Starting We Will Need Brutus AE2, we can get that from my current site grahamfisher.t83.net if its still up or you can get it from www.library.2ya.com, under webhacks. Okay this tactic will only work with these types of logins, HTTP Basic Authentication), And HTTP (Form), but for this example, lets use a simple site, to steel peoples account from, assparade.com, Alright now getting to the login screen is easy, it should be at the bottom of the page and say “Members Entrance,” click on it, Notice, it hides the url, of the login screen, well if you’re a idiot you wouldn’t know how to find the link the in the address bar, although If you are one of those idiots, don’t worry, your learning, so go back, to the place where it gave you the option to click “members entrance,” don’t click on it, what we want to do now, is to do a right click on the members entrance hyperlink, and than click properties, and it should say the url of the login screen which is http://assparade.bangbros.com/, so now your wondering, how the fuck am I gonna get the password, to that, well the awnser is assparade is a highly popular site, with many members, and that means tons of idiots who put their username down as “porn”, and their password down as “cow,” so you know brute forcing this site will be easy as shit. So check this out, what we want to do is, open the BrutusAE2, in the target put down assparade.bangbros.com, and type HTTP (Basic Auth), and on the method put Get. Now we need a wordlist because we don’t want to spend a year bruting the admin’s password, just to check out some chicks. So what we want to do is download some word lists from library.2ya.com, so lets download the male name’s world list, and the female name wordlist. Now what we want to do is plug the male name world list into the the username, and plug the female name word list into the password area, and click start. You should come up with some false results and true results, I got a true result which was, username = “Asshole”, Password = “Abagail,” very basic. If the site is using emails as usernames, that will be a problem, unless you want to create a email wordlist, which you can learn to do in the next tutorial.

1 comment:

Anonymous said...

i have been following this blog for some time now, good job by the way