~ Passwords lore ~
Version February 2002
HOW TO ACCESS ANY DATABASE ON THE WEB
(how to find working passwords when you forget your own)
The unabridged discussion
Is a jewel for all those readers that will take the time to read it
|
|
~ Passwords lore ~ Version February 2002 HOW TO ACCESS ANY DATABASE ON THE WEB (how to find working passwords when you forget your own) The unabridged discussion Is a jewel for all those readers that will take the time to read it |
|
|
| Re: Password Busters (14/01/02 20:40:46) | |
ftp://ftp.cerias.purdue.edu/pub/dict/ |
| more lists (14/01/02 21:02:31) | |
and wordlists2.htm |
| passwords (14/01/02 22:04:19) | |
I wanted to prepare, as next step, an essay on how to break ANY common username/password combination. This is a trivial deed, using the right tools and techniques, and - as you very well know - the best 'artists' in this lore, the people we can LEARN from, are porn-sites intruders a la http://forums.asp-dev.co.uk/freepass/ & the germans at dany. Seekers need this kind of knowledge in order to access newspapers and library databases as well, duh, therefore I think and believe it would be 'angebracht' to delve in such a lore, using the same programs (but of course DIFFERENT combolists) in order to gain knowledge access. I have tried to reach Giglio, but he does not answer any more. So I need help. I am going to prepare this (soon or later) alone, if neds be. Unfortunately I will not have that much time in the next months. Hence: your help would be welcome and useful... preparing essays 'synthtetizing' these 'pornpass' knowledges into useful "how to access databases when you have forgotten your password" essays. Work well, F+ |
| Re: Some challenges (15/01/02 06:57:49) | |
http://www.hackerslab.org/eorg/hackingzone/hackingzone.htm http://www.try2hack.nl/ http://www.pulltheplug.com/index2.html To participate in some Hacking challenge/classrooms practice :) |
| Re: Re: Some (other) challenges (15/01/02 11:51:06) | |
Anyone has the time and interest to follow a little what's going on and report, least we will be caught ourselves unaware? Material for many security essays. Gosh, I wish I had 48 hours days... |
| For easy access into a major password forum that wont let you in (15/01/02 20:31:18) | |
-->rick. BINGO!! p.s. Will build a conclusion regarding tools, spoofing referals, fake passes, creating wordlists depending on the database, blah, blah blah. V |
| Re: For easy access into a major password forum that wont let you in (17/01/02 07:35:23) | |
loco25/loco25 lot of stuff to read and learn. it has a forum to share word lists, tutorials, threads around this or that soft ... great site veliti ! :) some url found here: wordlists: http://wordlists.security-on.net/download.html http://www.outpost9.com/files/WordLists.html ftp://ftp.ntua.gr/pub/crypt/mirrors/utopia.hacktic.nl/wordlists ftp://coast.cs.purdue.edu/pub/dict/ i've dumped some thread with combo lists, to build mine. veliti: wanna share ? We will need to build ones dedicated to our targets. a long work in perspective ... Other valuable ressources : tools - download here bruteforcers, wordlist managers, wordlist leechers, proxyhunter ... http://www.buschhacker.de/site/tools/?sektion=4 (change 4 with 1,2,3 and so on) http://www.wi11ie.com/windoze.html (clean) http://www.securityadvise.de/deny/files/ tutorials : http://acepasses.xxx.web1000.com/ http://www.securityadvise.de/info_essay.html (lots) be sure to check the last url. it has a bunch of tutorials related to that field :) in the next message, i'll post a tutorial ripped on the forums. |
| a web cracking tutorial from passwordforum (17/01/02 07:38:25) | |
Here's something that I came across, while doing some research for TEAM GREEN. Unfortunately, the original author's name wasn't given, so I can't give him credit for this EXCELLENT tutorial, without a doubt, the BEST one that I have seen to date. ************************************** quote: Manual_For_Newbies_V1.0 Part 1 – Introduction – Part 2 – Common Terms – Part 3 – The Tools you need – Part 4 – Link where to get – Part 5 – Safety and Anonimity – Part 6 – How to protect yourself – Part 7 – Wordlists – Part 8 – Settings off the tools – Part 1 – Introduction – Me, Why, The motives, The people: I would like to begin first with a bit of background on myself. Prior to the last nine months that I have spent password hacking I spent over a year as a Software Reverse Engineer. In that time I gathered a lot of skills, dabbled in complex serial number algorithms and sometimes just laughed at the sheer stupidity of some programmers. I then had a lot of friends ask me to hack passwords for porn sites. Never being one to back down from a challenge I got to reading. The problem that I noticed was the lack of information available on this topic. I read a couple of essays at the old IceFortress site and started experimenting. I soon realised that it is not that difficult after all. I spent the next eight months casually hacking sites for friends, building my skills. I then decided that I could stand no longer these huge pass sites on the net that are all just misleading scams, so I started my own site. Still learning, I discovered: 1. The amount of work involved in maintaining a password site 2. How greedy and rude the majority of people are. In saying that, I then turned my site into an information source for newbie hackers to learn the skills that I am willing to pass on. If you follow the forthcoming lessons carefully, dedicate yourself and most of all have a lot of patience(or a really fast connection), then you will learn something. I hope that will make you capable of getting into all the sites you desire. You will then be able to help others, and the pyramid spreads from there. I do realise that compared to a lot of other password hackers nine months in the bigger scheme of things is not really that long. However I do feel that I have something to contribute in my writings to follow and I do invite constructive criticism as well as comments and feedback. I hope that you do enjoy reading these lessons. I will try and cover as much as possible in as much detail as I can so that almost anybody has a shot at understanding what it is that I'm going on about. Now enough blabbering on to the good stuff... :-) These are common terms that I will be using throughout my lessons. It's better that you read them now and as you come across them, refer back to the list. It will make things a lot clearer. Part 2 – Common Terms Brute Force: - This is the term give to multiple attempts at breaking a form of protection. For example if I had a lock that had a three digit combination, brute force would be to try every combination from 001 to 999. Eventually I would get the combination. Wordlist: - Unfortunately when attempting to hack a site it is just not logical to try every combination. Instead in your travels you will build your own personal wordlist. This wordlist can be simply a huge list of all possible common passwords. Everything from aardvark to zebra. Or it could more likely be a combo list(definition below) in the form mickey:mouse. These are lists of possible passwords that you will use in your brute force attempts. Combo List: - The majority of hacks that you will make will be from your combo list. This is a list of the form donald:duck. Username and passwords can be separated by a colon ( or a Tab, this varies depending on the program that you are using. More information will be given later in the section on building wordlists. These are the main programs that I use in day to day hacking. Each has advantages and disadvantages, some have been listed below. Part 3 – The tools you need – Access Diver v4.00: - In my opinion lacks the functionality of Goldeneye however it has a good security exploiter that I quite often use. Ares: - Wonderful user friendly interface. Has the ability to detect when a site gives off fake passes. Lacks however a lot of the extra options that programs such as Goldeneye have. Gets better and better with every release. I feel it will become a hacker's choice utility. Goldeneye: - The main program that I use day to day in my attempts. Can look scary to start with because of all the configurable options but once you become more skilled you will realise that this program has the best functionality. Raptor II: - The best word utility you will ever use. Has wonderful sort and management features. Runs brilliantly on my PC. This program is a godsend. Webcracker v4.0: - The first hacking program that I ever used. Great Graphical User Interface with only a few options to configure. I recommend for newbies. Just lacks a lot of the extra functions as well. Part 4 – Link where to get – http://www.deny.de (HamSolo: deny.de JUST got back ******, so they don't have hardly ANYTHING set up YET, but they DO still have ALL of their old files, so its only a matter of time until they are back UP to running at full speed.) - will provide links to all of the above mentioned tools. As I write these lessons they will take you through password hacking basically stage by stage however I of course recommend that supplementary reading won't hurt. The first topic that I suggest you research is the use of proxys and anonymity on the Internet. This is an extremely important topic. My next lesson will cover basically all you need to know to not get caught. http://www.deny.de (HamSolo : See comment above) - Text section, basically anything on proxys or anonymity. If it gets too complex then don't worry. It will be explained in my next lesson. The same site also has a good help forum for you to ask questions as well as support for Access Diver and Goldeneye. Part 5 – Safety and Anonimity – Intro: - Some of you might be sitting there saying, "I'm in front of my PC, who the hell is going to find me here?" Well in one sense you are quite right but in another totally wrong. As you surf the Internet, everywhere you go you leave bits of information about yourself and traces of your activities. It is quite easy to gain the IP, quite often the ISP, browser configuration etc… of a person surfing a page. Now especially if your doing things that might be considered illegal in some countries, you don't want to leave all this information behind. This information can easily be used to track you. - This is why during your activities you should take precautions such as those listed below in Part 6 – How to protect yourself - to avoid being caught. To be honest the risk factor is quite low. If you use anonymous proxys(defined below) in your attempts, you are sensible and don't do anything too stupid then the chances of you getting caught are virtually non-existent. Even if you were caught, the chances of you being convicted of computer crime is about as likely as a hooker giving back your money afterwards. It comes down to one thing, this could quite possibly get you into trouble, but as long as you don't do anything stupid and you are careful, you'll be fine. Part 6 – How to protect yourself – Introduction: - There are quite a lot of essays that have already been written on proxys. I will provide you with the information that you will need however I know that there are always people who want to go a step further. I suggest reading all the essays in the text section of www.deny.de on proxys. Some of them go very in-depth. Knowledge is power, the more knowledge you gather the better hacker you will become. What is a proxy?: - Well a proxy is a cache between you and the Internet. That means that you don't directly communicate to the Internet. You communicate through the proxy. If it is an anonymous proxy then the site that you are communicating with cannot recognise you or your ISP, only the proxy. There are huge advantages in using a proxy, during your attempts it is mandatory. The errors you will get: - A lot of sites nowadays have protections that will forbid(403) your proxy after 'x' amount of attempts. However in programs like Goldeneye you can set 'proxy rotation' that will change the proxy after 'x' attempts. That is, with a list of say 20 anonymous proxys, set the rotation to 100, you can easily move through a wordlist of 2000 words without your attempts being forbidden. - When your attempts are forbidden, it doesn't matter if the pass is correct or incorrect, it automatically calls a forbidden(403). Quite often this goes hand in hand with soon after giving redirections or fake passes where the site accepts any login from your proxy or IP and automatically redirects you, usually straight back to their main page or join page. - By using an anonymous proxy you are both staying anonymous and gain the advantage through your ability to rotate proxys after a certain amount of attempts. Here are a couple of proxy lists that you can use. There are a lot of lists out there, many are outdated and it is quite hard to find good ones that are updated often. A good idea is trying the phrase 'Anonymous proxy list' in a search engine. Testing proxys: - There are quite a number of ****** scripts as well as programs that test the level of anonymity of your proxys. The way that I test mine is through Goldeneye. Import a list of all the proxys that you have gathered then select 'Tools', 'Proxy Tester'. Put the speed bar to the maximum, select 'Towerofbabel' from the script list and click the little globe in the bottom left of the program screen to start testing. - This might take some time depending on the proxys and your connection. All secure proxys will come up with a little icon of a lock next to them. These are the ones that you want. Delete all non-secure proxys, you now hopefully have a good list of anonymous proxys to make attempts with. Also if you click the little clock it will sort your proxys by speed. It is a good idea to use the fastest available first. Part 7 – Wordlists – Introduction: - I hope that everyone learns a lot. In previous lessons I have introduced you to the tools that you will use, explained the basics of staying anonymous as well as some terms that are commonly used. I assume that you have already attempted to hack various sites, most likely without huge success. In this essay we will move deep into the building, maintenance and refinement of highly effective wordlists. You will find that your personal wordlists will prove highly effective as compared to using ones leeched from password sites. Whether you're an absolute newbie following through my lessons or a hacker of some experience, I'm sure that there is something here for everyone in the form of good wordlist habits. Clarification of what we are actually attempting to do: - Theoretically we are guessing people's login names and passwords. Practically however we are able to make so many attempts in a short period of time that quite often it is relatively easy to 'guess' someone's login and password. The weakness of Basic Authentication on the Internet is that there is no limit to the number of attempts you can make at guessing a login and password. True there are measures now that will forbid(403) your proxy after a certain amount of attempts, however in most cases you are able to make as many attempts as you like. It is because of this weakness and one other that it is relatively easy to guess passwords. The other weakness is at the hand of the user that has signed up for membership to the particular site. Quite often people choose passwords that are easy for them to remember such as 1234, password, cat, dog, qwerty. These make it easy, yet not as easy as my favourite type of passwords, where the login and password join to form a famous person, place or common phrase. For example mickey:mouse, sydney:australia, monica:swallows. One of the lists that you build yourself will contain as many possible combination like this that you can think of. In summary; what we are attempting to achieve is to build well maintained wordlists that will contain enough combinations to get you hits on a lot of sites. Leeching: - I suggest that the first list you should build is a leech list. The best leeching program currently available is called Bugs Bunny. It comes with a list of password posting sites that it will automatically extract the password combinations from with the click of a button. Once this is finished you will have your first wordlist, save this list to a .txt file called 'Leech List'. Every couple of days or so you should update this list by re- extracting passes using Bugs Bunny. You should also add other password sites to it to increase the variety of passwords extracted. This list can be effective, however you have to realise that basically every hacker in the world has these same passwords in their lists, so the chances that those passwords have already been hacked are increased. Combo list: This is the list that I spoke briefly about before. This list will contain all the possible combinations that you think people will use for their logins and passwords. The list can be formatted in two ways, with a colon( between login and password or a Tab space. I suggest the use of the colon(. Add to this list continually as you think of new possibilities. Don't be surprised if this list grows to a couple of hundred combinations rather quickly, mine is over 5000. In the end your list will resemble something of the form: abraham:lincoln martin:luther donald:duck disney:land And so on. - Trust me when I say that no combination is too obscure. If you feel that someone out there is using it then chances are they are. Save this list as a .txt file called 'Personal List'. Hit List: - This list will become your highly effective and refined 'Hit' list. Every time you crack a password to a site, add the password to this list. Don't be impatient, this list will grow gradually and you will find that for sites where the number of attempts you have is limited as well as on any site this list will be the first you use and will get you the most hits. Don't enter into it passwords of pass sites, only the combinations that you have cracked or passwords that you have received from other people. What this list will become is a list of people's combinations where the same people most probably use that same combination on a variety of sites (often with the same theme, ie: all are 'Teen' sites, etc…) Later on when you become more experienced this can lead to categorisation of lists depending on themes, however for now just focus on what is here. Single List: - A single list is exactly that, a list of single passwords. You should attempt to build different sized single lists. Personally I have one of around 2000 really common logins and passwords, one of 10,000 fairly common and one of 70,000 passwords which is my 'Mega' single list. It is really up to you how you construct these, with what words and the like. I don't expect you to type out 70,000 words, my list has just grown from a lot of lists that I have joined together over time. There are quite a lot of good wordlists available already on the web, some are listed below: - The use of these lists is rather simple. Imagine for a moment a site that has 5000 members. If this site allows the user to enter the same word for his login and password then on average around 250 passwords will be in the form james:james. Around another 100 will be in the form james:james1. Various other forms will be james:james69, james:semaj james:JAMES etc… Quite a lot of people use variations of their login as their password. If the site allows the entry of the same word as login and password then a very highly effective technique is to run your single lists in this form. That is your single list will run through trying the same word as login and password for all the words in the list. In Goldeneye this is accomplished by choosing 'Options', 'Use Single Lists'. Then you need to click on the two notepads and select the SAME list for each one. In Ares this is accomplished similarly. Also of those 5000 members, at least 10 will use the password 1234. If your combo lists from above don't prove effective then I suggest running a single list as logins and the word 1234 as the password. If this still does not gain you a hit then try other really common passwords like qwerty, asdf, 4321, fuck, sex, cat, dog, pass etc… Maintenance: - It is important to attend to your lists regularly. Your leech list needs to be updated frequently. You need to continue to add to your Personal Combo List as well as all the passwords you gain to your single lists and your hits to your Hit List. A very good idea is to swap password lists with other hackers. If you are already friendly with them organise a swap, then everyone benefits because you both extend your wordlists. A very good tool for maintaining your wordlists is called Raptor. Madmax has recently released Raptor II. This program is an extremely fast and reliable tool that you will find yourself using repeatedly to build specific lists for sites as well maintaining your existing lists. Your lists will inevitably contain duplicates of the same password, Raptor II removes these dupes with barely any effort at all. Raptor will sort your lists alphabetically and provide you with numerous options to make alterations to your wordlists such as adding a '1' to the end of the password or '69' etc.... It is best if you explore this program by yourself. For now don't worry about the various AVS or ALS generators that are included. These are bonuses of the wonderful program that I will cover in a future essay. Final Words: - Now that you have created your lists don't forget that it is essential that you continue to build and maintain them. Every day I have a good habit of spending time working solely on my wordlists. Wordlists are what will get you hits in the end. The better refined and maintained your lists are the better hacker you will become because the more hits you will receive. In the end it comes down to a good imagination and extreme amounts of patience. Keep practicing and soon I will be discussing more techniques and more advanced examples. Part 8 – Settings off the tools – Introduction: - In this lesson you will be taught the basic use of brute force hacking programs such as Ares, Goldeneye and Webcracker. I am assuming that you have already read my previous two lessons, you have downloaded these programs and that you have a verified list of anonymous proxys ready to go. I will cover basic functions only in this lesson in order to get you started and to help you get the feel of things. As I continue into more complex items I will start to mention other features of these programs and how to use them. You will learn the art of wordlist refinement in my next lesson so in order to test that you have setup the programs correctly and for your experimentation purposes I have included a ready made wordlist of mine. So let's begin. Tools: - As I have previously stated, the two most basic programs available are Ares and Webcracker. Ares is simple because it does a lot of the work practically for you. Webcracker is simple because it has very few options to configure. I think that Ares is a good program to begin with however you should try both and then you decide which suits you best. Where to put what: - The member's URL is the URL or address of the entrance to the 'protected' section of the site that you are attempting to gain access to. For now you should stick to Basic Authentication. Basic Authentication is the standard that you will find on the Internet. It is the one that most adult sites use and really the weakest as far as security is concerned. It simply put, is the one where when you click 'members' it pops up a little gray box asking you for a User Name and Password. Other protections like the password entry to Hotmail where you have actual boxes on the html page to enter the data are known as form logins. These are a bit more complicated and will be covered later. Anyway in order to gain access to a site, you need to have a protected URL to enter into the program that you are using. - The simplest way is to go to the site you are about to attempt, right click on the 'members' link. Copy shortcut. Then click on the link to make sure that the box pops up. The reason you need to do this is because some sites when you click this link will simply take you to another page that you have to click on a completely different URL to enter the members area. This was started in order to deter newbie hackers that try the first URL without realising. Every password works for it, they get 1000 hits and wonder "what the hell?" so they move on. Anyway once you have the URL where the box actually pops up, you have completed step 2. You have your proxys from step 1. - With every release Ares gets better and better, it does a lot of the work for you and I feel it is one of the best programs that I have used. With future updates I feel that this program will become the top choice of most hackers. - You have your URL and your list of proxys. To enter the proxy list into Ares, click 'Proxy Settings' then the little '+'. Cut and paste your proxy list. Ares has a good verifier as well; you could even have verified your proxys here in step 1. Well with Ares, you have a URL and a proxy, all you need is a wordlist and your ready to go. Under 'User', select 'combo list' then choose your wordlist using the file dialog box below. Under 'Pass' select none. Done. Well now all you have to do is press play and you have started hacking. - Webcracker Webcracker is also easy to setup and has a nice Graphical User Interface. Simply once again paste the member's URL into the program, select your wordlist, 'use combo file.' Now go to 'advanced', select 'use proxy' and enter a single proxy and the port. This is where Webcracker looses its functionality, in its inability to use multiple proxys. Just below the proxy you are able to select the 'number of threads'. This is how many attempts should run simultaneously. On 56kb dialup I recommend no more than 60. Once you have done that, click the 'start' button and your away hacking as well. - Goldeneye Currently the most functional brute force program available is Goldeneye. Goldeneye has a lot of options that will be used in later more complex hacking. Some features that for various sites are necessary. To use it, simply paste the member's URL into the text box. Select the wordlist you wish to use. Then click on 'Options', 'Proxy'. Here you are able to add and delete proxys and are also able to select the proxy that you currently want to use. I strongly suggest that you select to 'change proxy on error.' Once all that is setup, simply click the little networking symbol in the top left corner of the program screen and you are away Last words off the writer: - As you can see these programs are very easy to use. After experimenting with a lot of sites though you will come across many that have various protections that require more than just a proxy and a wordlist. Some require really good or well refined wordlists to get a single hit. The next lesson that I write will cover in full; creation and maintenance of good wordlists. Until then, your homework is to practice and practice some more. Just about everything that I've learnt I have taught myself from pure experimentation. Experimentation doesn't mean being stupid or careless. Just have fun. Next lesson you will learn to refine your wordlists so you'll be getting hits all over the place. P.S. Hacking is illegal and if they want, they can catch you. Not even the best proxy can hide you. Like I said earlier. There are logs all over the internet. Remember - don’t do stupid things. I hope that even as a newbie, you know what stupid things are. THE END *************************************** *************************************** *************************************** Okay, I hope that you all learned something. Here's a few links to help you, until deny.de is fully up & running again... CURRENT Proxy List http://soldierproxy.s5.com/CurrentList.htm PROGRAMS (Goldeneye & Raptor) http://www.securityadvise.de/deny/h...ge/products.htm FILES http://www.securityadvise.de/deny/files/ BRUTE Force http://www.securityadvise.de/deny/files/BruteForce/ ------------------------------------- EOREPOST interesting :) have a nice day |
| Re: Re: For easy access into a major password forum that wont let you in (17/01/02 18:37:54) | |
|
| Re: Re: Re: For easy access into a major password forum that wont let you in (17/01/02 20:23:01) | |
The KNOWLEDGE is in the porn sites busters forums. The TARGETS should be both more worthy and more easy (bet with you that a book or museum collection will not have incredibly difficoult alfanumeric rotating passwords). Once found (passwords or backdoors) we will just have to register their subdirectories at major searchengines as 'please addmy site' URLs. As you prolly know, to re-name a whole subdirectory structure is something often thought and seldom done. I could also add that Jeff's trick (see Giglio's third classroom) for finding username/passwords combinations can ALREDAY NOW work access wonders, eheh |
| Re: Re: Re: Re:proxomitron ON (17/01/02 22:52:19) | |
reading these posts gave me another thought... the similarity in a couple of the examples given, or, like bob:bob@ and f+ post about a member trick made me wonder hummmmmmmmmm example: the key is ANY domaineName /plus whatever they call their memeber/ now lets pick that fifth google link (cause i tested it and it does work) and the numbers used in it follow the thoughts of this thread---ie: 444777:777444@ ---the user used the same login and pass so it would be easy to rememebr ... well that lead me to think about other things I read in this thread about how people probably use the same pass in lots of places so they can remember it easily so what happens if we remove the domainename/member and use ONLY the logpass? ?...:) we get huge lists of userpasses and who knows maybe with the right combo----we might stumble upon ALL the other places/domaines/ gogg has indexed for a single person/people/repeatedlyuseduserpass that they use to log into; even at other different type sites :) would be great to find a library or two :) no time to query... so I ask myself (after reading your great posts) does a bob:bob really exist? bobob billybob bobtail bobmorris :) beertime |
| Congrats Jeff! (17/01/02 23:18:49) | |
This deserves to be spread and teached, mighty trick of amazing semplicity (all is simple AFTERWARDS, eh) Will you put into a coeherent whole or should I publish as it is (raw diamonds are nice as well) |
| Re: :0 f+ (18/01/02 21:24:36) | |
|
| Re: Re: Re:"they aren't really saying anything new" (17/01/02 23:35:24) | |
|
| Re: For easy access into a major password forum that wont let you in (17/01/02 17:07:08) | |
http://www.chadwyck.co.uk/products/viewproduct.asp?key=881 227 years of english books on line :-) |
| Re: Re: For easy access into a major password forum that wont let you in (17/01/02 23:48:46) | |
http://www.bpl.org/brls/resources/database_99.htm |
| http://www.chadwyck.co.uk/contacts/trialrequest.asp (n/t) (18/01/02 00:34:49) | |
| Re: Target one - Cleared :) (n/t) (18/01/02 00:11:00) | |
| Re: Re: Hmmm ... my post was bugged (18/01/02 00:12:29) | |
links to : Early English Books Online Entering into the validation room : /eebo/accountlogin It uses a form protection scheme, withou submit button. Let's have a look at the sourcecode : <form method="POST" name="accountLoginForm" action="http://wwwlib.umi.com/eebo/login"> The return value must indicate where we should land after a correct login. let's try to jump directly : refused. was too easy ;) Maybe i can fish the .htaccess file : unauthorised... so now ? bruteforce ? test the naughty tools ? nah ... look at that : Query@Google : http://wwwlib.umi.com/eebo/accountlogin Not that I'm advocating or condoning it's use, but after some searching with google I've found the following: http://wwwlib.umi.com/eebo/accountlogin Username: malory PW: welcome Seems to work. It's funny how some passwords are published on webpages like that... I suggest that perhaps you might do a google search for a password... hehehe, i found the guy who found a password ;) and you know what ? it works ... time to feed my eyes. It'll be easier for us to find passwords in our domain. They aren't many hackers trying to penetrate the sites, and releasing huge list of l/p. Look at the post date : "14 Nov 2001" ! If it was a porn site, this l/p wouldn't have worked. I'm exploring the sites ... maybe i'll found interesting backdoors, or the whole password list :)) (i've one list for a university library to release this weekend) good evening |
| Backdoor : http://wwwlib.umi.com/eebo/html/ (n/t) (18/01/02 00:15:56) | |
| Access List in some DB (18/01/02 03:55:38) | |
In fact, some libraries install pages only for users that access to them in the real library. They don't imagine that their webpages can be indexed by Search Engines. In consequence, you can find some gems like this one : http://www.pioneer.wnyric.org/High_School/LMC/lmc.html This is what i have extrated and tested : Infotrac http://infotrac.galegroup.com/itweb/york28503 Password: york_log SIRS http://ars.sirs.com/cgi-bin/custlogin username : NY0528 password : 14173 Sorry, Your IP Address is not consistent with the customer number you entered Grolier Online http://go.grolier.com:80/ username: casls password: casls Spanish edition : username: Top password: dog Proquest http://www.bellhowell.infolearning.com/proquest user Name: 07SNXJX2C9 password: WELCOME World Book Online http://tryit.worldbookonline.com/ username: straighta password: student The EBSCO databases http://search.epnet.com/login.asp?group=empire Username: pioneerchs password: pioneerchs Health Reference DB from the NYS Library through LSTA funds http://infotrac.galegroup.com/itweb/nysl_we_pioneer/ password: empirelink Enjoy, and please use them in the safe way ... :) I don't know what are these DB (i already heard of some .. but never had the time to use them). Now, the task is to use them and see if it could be 'crack open' and indexed by bots. Or reverse the scripts and find the whole list of passwords. Look at this for example : http://library.lls.edu/electronicLUCY.html "You will be prompted for a user name, “loyolalaw”, and a password, “bnaweb22”.Once these are entered you will have access to the full text of this periodical online.(See Loyola Law School Licensed Resources User ID’s and Passwords for a complete list of user id’s and passwords)." hehe good n8 ;) |
| Re: it is raining passwords ! :) (18/01/02 04:20:10) | |
Query@Ragingsearch : link:"http://www.bellhowell.infolearning.com/proquest" +password Now, just fish access in the results. Use the yoyo wand if you want :) i just read the first page, and extracted : Junior Reference Collection @GaleGroup http://www.galenet.com/servlet/ProdList?q=aber60151 LIBRARY ID: aber60151 ELECTRIC LIBRARY http://www.elibrary.com/s/k12 Username: washstate019 Password: child19 K-6 ELECTRIC LIBRARY http://www.elibrary.com/s/k6/ Username: washstate019 Password: child19 Another ProQuest Access: username: BRV3G3S8V6 password: WELCOME And, one that i can't paste due to the high number of results : http://www.cdlib.org/about/test-accounts.html i didn't test it, but looks appealing. Now, it's time to fish lists of access, and range them for each DB known, and then build combolist. Each DB's Login Url can be used to see what are the sites POINTING to it, and filter the result to grab the passwords cheers :) |
| Seekers, Datajunkies, and other dragons (18/01/02 05:54:51) | |
Britannica Online http://members.eb.com user ID : !@#Ramona password: Ktwelve Electronic Library http://www.elibrary.com/education Username: subramon92065 Password: 14019 The EBSCO databases http://search.epnet.com/login.asp?group=empire Username: pioneerchs password: pioneerchs Username: lasalle Password: falcons 456561dsfsdf542123USERNAMEgfdX8564PASSWORD52135473514USERNAME1231 xvcFsqEHHJPASSWORD25125457dsFVFDSGHHvv2ds3 ~ i feel like a datajunky, flow of data emerging from here and there just by prononcing some KEYwords. Strange feeling ... and now?download everything,burn bunch of dataCD, and saying : Knowledge is Power !? Like a dragon sitting on his treasure, as someone said in the riddle board. but i won't ever read one percent of these. i'd like to, yes, in theory, but i don't wanna be a data sponge ;) By proceding like that, we're going to collect 'random' DB, from the library community (not so random ...). It even can be done automagically. IMHO it'd be possible to set a bot for fishing all passwords that hides in the sea of information formed by searching inside 'pools' of data. These one can be created by querying ragingsearch like i did. The results are then parsed, and (that's the hard part), a script check in pages if there are relevant keys. Each key is stocked with the door url. And each door can be used to query and create pool. And so on ... But then, what are we going to do with all that keys? What is really the most interesting : Having hundred keys and the adress of the door or knowing how to lockpick ? :) ---------------- What has be done in the last messages of this thread is just collecting data. No target (exclude the initial one). But what was fished can be used to : build maps (index of cracked database, commented, to create a fast jumping station for seekers) build wordlist and combolist for the bruteforcers have an access in order to 'crack open' and release to the public the hidden information (each site can be indexed out or mirrored or backdoored) have examples of passwords in order to reverse the login algo Let's center a bit on what was requested for searchlores : "Hence: your help would be welcome and useful... preparing essays 'synthtetizing' these 'pornpass' knowledges into useful "how to access databases when you have forgotten your password" essays." At that time, i never had to use bruteforce engine and worldlists (but i have read tutorials, and therefore i could use them if needed). In fact, gaining access to a porn site is far more difficult than accessing online librairies :) Tools from p0rn hackers are indeed usefull, but if really everything other failed. Preparing to this eventuallity, we can build combolist of what was fished, and reverse some protection scheme. For example : Proquest http://www.bellhowell.infolearning.com/proquest username: 07SNXJX2C9 password: WELCOME username: BRV3G3S8V6 password: WELCOME username: 0039KJK4DB password: WELCOME password: 87TFK6VCPC Password: WELCOME obvious no ? :) Knowing that, we can fish more passwords by querying, for example, google : +WELCOME +proquest +password HXM2X7RT9S BPVV68P7PD MFSR9HDD9K SKG2P2QB3X 86M9FKBHRD Q7Q3V6HQG8 HQ974NHXTM 006MPX2Q8H VVJRTR7V98 FDJR8CBX8X SK2NQ3XFSJ FDJR8CBX8X W68K2MNDS9 0043V3Q2S2 07TPHFKJ8R and that was just the first two pages ... 2,030 results. And EACH result is a potential to get access to OTHER databases (it's generally a sort of bookmark for libraries) another example ? Grolier Online http://go.grolier.com:80/ username: casls password: casls username: hot password: ice username: at5 password: ssoggy Spanish edition : username: Top password: dog comments : short login and password. Some common english words. conclusion : a good target for a bruteforce :) One where i failed is the SIRS databases SIRS http://ars.sirs.com/cgi-bin/custlogin username : NY0528 password : 14173 SIRS Fulltext Online Periodical Index http://sks.sirs.com Username: CA3759 Password: 92065 it says : "Sorry, Your IP Address is not consistent with the customer number you entered" So, they have an IpCheck. What can be done is using the IP of the site where the key was found and scanning 'around' for proxies ( ProxyHunter works fine for me : download proxy tools here or here or anywhere you want). Now it's time to collapse all the knowledge we can gather, build maps, crack open sites, and release everything in the open info sea. Let the nucleus eat all that stuff ! :) |
| "Seekers, Datajunkies, and other dragons" - Formated (18/01/02 05:57:01) | |
Britannica Online http://members.eb.com user ID : !@#Ramona password: Ktwelve Electronic Library http://www.elibrary.com/education Username: subramon92065 Password: 14019 The EBSCO databases http://search.epnet.com/login.asp?group=empire Username: pioneerchs password: pioneerchs Username: lasalle Password: falcons 456561dsfsdf542123USERNAMEgfdX8564PASSWORD52135473514USERNAME1231xvcFsq EHHJPASSWORD25125457dsFVFDSGHHvv2ds3 ~ i feel like a datajunky, flow of data emerging from here and there just by prononcing some KEYwords. Strange feeling ... and now?download everything,burn bunch of dataCD, and saying : Knowledge is Power !? Like a dragon sitting on his treasure, as someone said in the riddle board. but i won't ever read one percent of these. i'd like to, yes, in theory, but i don't wanna be a data sponge ;) By proceding like that, we're going to collect 'random' DB, from the library community (not so random ...). It even can be done automagically. IMHO it'd be possible to set a bot for fishing all passwords that hides in the sea of information formed by searching inside 'pools' of data. These one can be created by querying ragingsearch like i did. The results are then parsed, and (that's the hard part), a script check in pages if there are relevant keys. Each key is stocked with the door url. And each door can be used to query and create pool. And so on ... But then, what are we going to do with all that keys? What is really the most interesting : Having hundred keys and the adress of the door or knowing how to lockpick ? :) What has be done in the last messages of this thread is just collecting data. No target (exclude the initial one). But what was fished can be used to : Let's center on what was required for searchlores : "Hence: your help would be welcome and useful... preparing essays 'synthtetizing' these 'pornpass' knowledges into useful "how to access databases when you have forgotten your password" essays." At that time, i never had to use bruteforce engine and worldlists (but i have read tutorials, and therefore i could use them if needed). In fact, gaining access to a porn site is far more difficult than accessing online librairies :) Tools from p0rn hackers are indeed usefull, but if really everything other failed. Preparing to this eventuallity, we can build combolist of what was fished, and reverse some protection scheme. For example : Proquest http://www.bellhowell.infolearning.com/proquest username: 07SNXJX2C9 password: WELCOME username: BRV3G3S8V6 password: WELCOME username: 0039KJK4DB password: WELCOME password: 87TFK6VCPC Password: WELCOME obvious no ? :) Knowing that, we can fish more passwords by querying, for example, google : +WELCOME +proquest +password HXM2X7RT9S BPVV68P7PD MFSR9HDD9K SKG2P2QB3X 86M9FKBHRD Q7Q3V6HQG8 HQ974NHXTM 006MPX2Q8H VVJRTR7V98 FDJR8CBX8X SK2NQ3XFSJ FDJR8CBX8X W68K2MNDS9 0043V3Q2S2 07TPHFKJ8R and that was just the first two pages ... 2,030 results. And EACH result is a potential to get access to OTHER databases (it's generally a sort of bookmark for libraries) another example ? Grolier Online http://go.grolier.com:80/ username: casls password: casls username: hot password: ice username: at5 password: ssoggy Spanish edition : username: Top password: dog comments : short login and password. Some common english words. conclusion : a good target for a bruteforce :) One where i failed is the SIRS databases SIRS http://ars.sirs.com/cgi-bin/custlogin username : NY0528 password : 14173 SIRS Fulltext Online Periodical Index http://sks.sirs.com Username: CA3759 Password: 92065 it says : "Sorry, Your IP Address is not consistent with the customer number you entered" So, they have an IpCheck. What can be done is using the IP of the site where the key was found and scanning 'around' for proxies ( ProxyHunter works fine for me : download proxy tools here or here or anywhere you want). Now it's time to collapse all the knowledge we can gather, build maps, crack open sites, and release everything in the open info sea. Let the nucleus eat all that stuff ! :) |
| Re: a comment to the SIRS example (18/01/02 06:06:23) | |
username : NY0528 password : 14173 SIRS Fulltext Online Periodical Index http://sks.sirs.com Username: CA3759 Password: 92065 the first one come from a New York library, and the second from a Canadian library ... need more explanations ? ;) |
| a "trick" (18/01/02 07:00:37) | |
This way you'll fish mostly bookmarks where someone has written in PLAIN TEXT his login information. It is frequently the case for libraries, has we have seen earlier. They write all the identification informations on a web page, and thinks it'll be seen only by users of their internal computers. But they forgot the spiders ... :) Moreover, when you've grabbed a valid access, if the protection scheme is really weak, using this weakness as keywords can produce wonderfull results : remember the Proquest case. That's all. I think it somehow resumes what was written in my last posts in a simple searching algorithm. A trick. |
| Re: Re: a comment to the SIRS example (18/01/02 21:06:31) | |
|
| Re: a question (18/01/02 06:10:01) | |
now, about the 'crack open' thing. what if we set a page with links like : http://07SNXJX2C9:WELCOME@www.bellhowell.infolearning.com/proquest and submit it to Search Engines. Will they follow the links and index all the data which is hidden to the nucleus ? What about the robots.txt ? |
| Re: Re: a question (18/01/02 07:30:42) | |
Checking the sources where we have find the form (i take the interesting snippet) form method="POST" action="/pqdweb" onSubmit=" return Check4Blank();" input type="hidden" name="RQT" value="301" input type="hidden" name="TS" value="1011333342" input type="text" name="UserId" input type="password" name="Passwd" So, now we can build a valid url : http://proquest.umi.com/pqdweb?RQT=341&UserId=07SNXJX2C9&Passwd=WELCOME And it works. http://proquest.umi.com/pqdweb?RQT=341&UserId=[USERNAME HERE]&Passwd=WELCOME is the url we would need to use in order to bruteforce the site. Using the appropriate tool, the UserId will be changed to all possible combinaison of 10 characters taken in {A..Z;0..9}. that does : (26+10)^10 = 3.656.158.440.062.976 possibilities (if i don't make a mistake). Hmm, i don't know ... is that possible ? :) (what about RQT ? it has a value set at 341, and the form change it to 341 ... But : http://proquest.umi.com/robots.txt User-agent: * Disallow: / So, i think a bot won't index it. But maybe i'm wrong, we need to check. |
| tricks and questions (18/01/02 09:17:43) | |
...true to your name, you "Cheat of the gods" loki... Fundamental findings Dunnow how long this cutting road will remain open for us once published, maybe for ever, maybe just for some months. Would be worth having a look at regional search engines. If they perform the same tricks we'll be able to reopen all dragon caves whenever they close them. Will publish everything before the end of the month: a new section "Password lore"? "Dragon seekers"? "Down into the datamines?" I am not sure if you realize the POTENTIALITY of all this for knowledge spreading and 'reconstruction of the web of old' ehehehehehehe Masters of the web-void... we rule... sweet hybris F+ PS: Things are always so obvious afterwards, funny isn't it? |
| Re: Re: Re: a question (18/01/02 09:48:24) | |
This way we can easily avoid the robots.txt exclusion and get those page indexed (and cached !!). As far as I know the results of DQ experiments were by far positive. You do a wonderful work guys !! |
| You need proxies in order to buster :-) (17/01/02 10:20:47) | |
https://24.31.26.169/ https://164.125.144.65/ https://64.129.133.93/ https://www.megaproxy.com/ http://www.cl.spb.ru/sparta/list1.htm http://www.stormloader.com/iknow/proxy_list.htm http://www15.big.or.jp/~sagawa/proxylist.html http://www.coolrunning.tmfweb.nl/list1.html http://www.coolrunning.tmfweb.nl/list2.html http://isweb29.infoseek.co.jp/computer/toboke/index.html http://underworld.fortunecity.com/simcity/137/proxyanonim.htm http://argon.pu.acad.bg/ksx/links/proxy_.htm http://www.samair.ru/xwww/proxy.htm http://www.amoser.com/proxy_list.htm okieron_99 Moderator USA 19 Posts Posted - 10 Jan 2002 : 05:12:16 AM -------------------------------------------------------------------------------- A few more for fun http://proxycheck.spylog.ru/list.phtml?offset=100&status=3 http://proxycheck.spylog.ru/list.phtml?offset=100&status=99 http://proxycheck.spylog.ru/list.phtml?offset=150&status=3 http://proxycheck.spylog.ru/list.phtml?offset=150&status=99 http://proxycheck.spylog.ru/list.phtml?offset=250&status=3 http://proxycheck.spylog.ru/list.phtml?offset=350&status=3 http://proxycheck.spylog.ru/list.phtml?offset=350&status=99 http://proxycheck.spylog.ru/list.phtml?offset=400&status=3 http://proxycheck.spylog.ru/list.phtml?offset=400&status=99 http://proxycheck.spylog.ru/list.phtml?offset=450&status=3 http://proxycheck.spylog.ru/list.phtml?offset=450&status=99 http://proxycheck.spylog.ru/list.phtml?offset=500&status=3 http://proxycheck.spylog.ru/list.phtml?offset=500&status=99 http://proxycheck.spylog.ru/list.phtml?offset=550&status=3 http://proxycheck.spylog.ru/list.phtml?offset=700&status=3 http://proxycheck.spylog.ru/list.phtml?offset=750&status=3 http://proxycheck.spylog.ru/list.phtml?offset=800&status=3 http://proxycheck.spylog.ru/list.phtml?offset=850&status=3 http://proxycheck.spylog.ru/list.phtml?offset=900&status=3 http://proxycheck.spylog.ru/list.phtml?offset=950&status=3 http://proxycheck.spylog.ru/list.phtml?status=3 http://proxylist.hypermart.net/list1.htm http://proxylist.hypermart.net/list3.htm http://proxylist.hypermart.net/socks.htm http://www.anonym.f2s.com/cgi-bin/http.cgi http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-100.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-350.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-450.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-550.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-600.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-950.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList.asp http://www.fortunecity.com/skyscraper/cable/607/freeproxy5.htm http://www.fortunecity.com/skyscraper/cable/607/freeproxy6.htm http://www.ijs.co.nz/proxies.htm http://www.multiproxy.org/all_list.htm http://utenti.tripod.it/Crackz_search_engine/proxy.html http://home6.swipnet.se/~w-61609/Proxies.htm http://members.tripod.com/burn77/proxies.html http://proxycheck.spylog.ru/list.phtml?offset=1000&status=3 http://proxycheck.spylog.ru/list.phtml?offset=200&status=3 http://proxycheck.spylog.ru/list.phtml?offset=200&status=99 http://proxycheck.spylog.ru/list.phtml?offset=250&status=99 http://proxycheck.spylog.ru/list.phtml?offset=300&status=3 http://proxycheck.spylog.ru/list.phtml?offset=300&status=99 http://proxycheck.spylog.ru/list.phtml?offset=50&status=3 http://proxycheck.spylog.ru/list.phtml?offset=50&status=99 http://proxycheck.spylog.ru/list.phtml?offset=550&status=99 http://proxycheck.spylog.ru/list.phtml?offset=650&status=3 http://proxycheck.spylog.ru/list.phtml?status=99 http://proxylist.hypermart.net/ftp/list.txt http://proxylist.hypermart.net/list2.htm http://www.anonym.f2s.com/cgi-bin/https.cgi http://www.atomintersoft.com/onlinealiveproxy/proxylist.asp http://www.fortunecity.com/skyscraper/cable/607/freeproxy1.htm http://www.fortunecity.com/skyscraper/cable/607/freeproxy2.htm http://www.fortunecity.com/skyscraper/cable/607/freeproxy3.htm http://www.fortunecity.com/skyscraper/cable/607/freeproxy4.htm http://www.fortunecity.com/skyscraper/cern/474/proksi.html http://www.fortunecity.com/skyscraper/millenit/1069/ http://www.hessbern.ch/proxy/?site=proxy http://www.ijs.co.nz/proxies2.htm http://www.multimania.com/nohack/proxis.html http://www.viktar.boom.ru/iproxy1.htm http://www.angelfire.com/nd/hallowboy/ProxyAnon1.txt http://www.angelfire.com/nd/hallowboy/ProxyAnon2.txt http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-50.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-150.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-200.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-250.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-300.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-400.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-500.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-650.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-750.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-700.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-800.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-850.asp http://www.atomintersoft.com/Anonymous-ProxyList/Anonymous-ProxyList-900.asp http://www.multiproxy.org/anon_list.htm http://www.samair.ru/xwww/proxy.htm http://www.samair.ru/xwww/101-200.htm http://www.samair.ru/xwww/201-300.htm http://www.samair.ru/xwww/301-400.htm http://www.samair.ru/xwww/501-600.htm http://www.samair.ru/xwww/601-700.htm http://www.samair.ru/xwww/701-800.htm http://www.samair.ru/xwww/801-900.htm http://www.samair.ru/xwww/901-1000.htm http://members.tripod.com/~webmaster5/proxylist.txt http://www.geocities.com/SiliconValley/Campus/2167/NonSpillArive.html http://www.fortunecity.com/skyscraper/millenit/1069/ http://www.angelfire.com/wy/waynes/0proxies.html |
| http://members.tripod.com/burn77/proxies.html & http://www.oddworldz.com/sbforum/proxy.html (n/t) (17/01/02 10:22:45) | |
| Re: You need proxies in order to buster :-) (17/01/02 18:28:27) | |
|
| more peroky, but the previous ones are probably better (17/01/02 23:35:18) | |
24.1.56.148 3128 4:45:25 194.67.2.155 8080 3:00:11 64.229.79.154 8080 23:25:12 202.95.38.74 8080 23:23:08 blacklight.ca 8080 23:22:43 202.57.0.122 8080 23:21:36 202.155.87.57 8080 21:03:00 203.5.210.250 8080 21:01:43 mail.roi-opl.nl 1080 20:57:41 24.156.184.57 1080 20:50:17 proxy.siamcom.co.th 8080 20:46:15 66.110.134.118 1080 19:32:06 mail.faellasufa.org 8000 19:23:44 mail.octora.org 8000 19:19:33 mail.iiweb.co.za 8080 19:18:48 202.150.36.6 8080 19:16:52 cache1.asianet.co.th 8080 17:54:37 193.179.213.1 3128 17:47:17 217.6.135.138 1080 16:53:42 mail.rhs.bs.ni.schule.de 3128 16:03:29 207.0.229.23 1080 14:34:03 204.210.159.96 3128 10:51:37 200.21.90.65 8080 07:07:04 202.131.113.3 8080 06:32:45 202.95.150.168 8080 06:32:10 202.138.229.165 8080 06:31:39 210.23.241.24 8080 06:30:47 202.155.120.13 8080 06:29:49 210.184.28.170 8080 06:29:14 202.150.47.11 8080 06:27:10 168.10.60.11 8080 06:26:54 193.188.95.146 8080 06:26:28 210.23.242.110 8080 06:26:12 193.70.181.3 8080 06:24:14 210.126.213.2 8080 06:23:39 195.235.18.2 8080 06:23:19 203.93.167.63 8080 06:22:44 202.155.87.57 8080 03:56:45 203.176.46.220 8080 03:47:50 193.252.31.118 1080 03:00:21 host091130.metrored.net.ar 8080 02:11:26 202.95.36.132 8080 02:09:01 202.161.158.28 8080 02:08:07 202.158.54.110 8080 02:07:00 206.142.245.163 8080 02:06:18 202.95.38.74 8080 02:05:29 203.130.224.26 8080 02:03:55 202.56.202.8 8080 00:22:39 210.96.2.53 8080 00:13:39 202.133.71.1 8080 00:00:11 202.150.36.6 8080 23:32:25 212.118.2.194 8080 23:32:04 195.178.49.173 1080 23:14:21 24.156.184.57 1080 23:09:40 62.193.128.52 8080 23:11:48 209.136.43.2 8080 23:10:48 213.47.52.45 1080 23:10:22 24.24.4.22 1080 23:09:31 209.187.193.178 1080 23:08:56 24.1.56.148 3128 23:08:38 194.77.203.146 8080 23:07:20 24.103.82.6 1080 23:06:32 62.163.20.9 3128 23:05:02 204.178.119.106 8080 23:04:51 139.91.254.18 8080 22:23:30 193.179.213.1 3128 22:22:48 193.171.90.202 3128 22:22:24 193.165.160.126 3128 22:21:34 151.39.89.5 3128 22:21:13 194.51.10.249 3128 22:20:02 proxy.nir-oz.knet.co.il 8080 20:39:38 proxy.utad.pt 8080 20:39:06 l mail.iiweb.co.za 8080 20:38:31 mail.mototech.gr 8080 20:38:11 proxy.camtech.net.au 8080 20:37:33 cache1.asianet.co.th 8080 20:37:04 e017.dhcp212-198-221.noos.fr 8080 20:36:25 mail.ilse.de 8080 20:34:24 mail.rhs.bs.ni.schule.de 3128 20:33:41 12.34.32.127 1080 20:33:26 12.34.32.113 1080 20:33:08 12.34.32.112 1080 20:32:37 205.235.5.147 3128 20:32:15 12.34.32.110 1080 20:31:52 212.216.22.69 8080 20:31:28 212.199.26.42 8080 20:30:59 212.184.170.227 3128 20:30:37 12.152.195.240 3128 20:29:50 212.19.41.31 3128 20:29:51 12.25.244.123 3128 20:25:01 12.25.244.122 3128 20:24:03 12.25.244.121 3128 20:23:13 12.25.244.120 3128 20:22:43 12.21.92.203 3128 20:21:18 12.21.224.99 8080 20:04:19 12.2.124.10 8080 20:02:16 12.21.224.97 8080 20:00:47 12.27.43.39 8080 19:56:34 12.27.43.39.stc.nc.chartermi.net 8080 19:56:06 cols208769179.cols.net 8080 19:51:48 12.27.108.7 8000 19:48:44 12.26.200.130 8080 19:47:31 211.98.126.19 3128 19:43:28 217.8.33.50 8080 19:43:01 iservice-gera1.m-logix.de 3128 63.121.155.253 8080 19:42:42 63.149.176.3 3128 19:42:11 63.167.154.22 3128 19:41:45 bess.proxy.lacoe.edu 8080 19:41:06 63.173.86.32 8080 19:40:45 63.228.236.2 3128 19:40:01 211.46.115.130 3128 19:39:38 63.94.97.34 3128 19:39:10 202.29.15.4 8080 19:39:07 66.20.11.201 3128 19:38:41 199.3.237.2 3128 19:38:31 cache4.asianet.co.th 8080 19:38:22 gateway.bst-servo-technik.com 8080 19:38:10 mail.barneyfilms.com 8080 19:37:19 62.153.163.82 3128 19:36:47 62.153.163.164 3128 19:36:12 62.140.20.222 3128 19:35:22 216.167.117.230 8080 19:35:04 proxy0.openoffice.ch 3128 19:34:56 216.167.57.190 8080 19:34:34 216.167.127.156 8080 19:34:13 216.167.117.148 8080 19:33:42 proxy.groomlavers.com.au 8080 19:33:15 gteb152.isomedia.com 8080 19:32:46 h004005a3465f.ne.mediaone.net 3128 19:32:45 karti.karlova.tartu.ee 3128 19:31:30 pc36.servcomp.chilesat.net 8000 19:30:50 proxy.pcn.net 8080 19:30:03 uswa106.isomedia.com 8080 19:29:57 211.57.50.161 3128 19:28:53 gogo.aquasoft.cz 8080 19:28:31 hh-ce1.net.monmouth.edu 8080 19:28:15 wwwcache.uhi.ac.uk 8080 19:27:37 216.167.47.25 8080 19:27:15 216.167.127.161 8080 19:26:51 203.148.249.207 3128 19:26:43 ns1.infoasiamedia.com 8080 19:26:15 bach.lutarc.com.br 3128 19:26:01 cache.bt.net 8080 19:25:24 cache.btinternet.com 8080 19:25:08 216.167.57.189 8080 19:24:57 200.14.206.169 3128 19:24:04 bess-proxy.msdwt.k12.in.us 8080 19:23:55 200.12.224.53 3128 19:23:49 gate.walter-hebel.de 8080 19:23:26 199.3.218.25 3128 19:23:20 mail.tktk.ee 1080 19:22:39 202.183.202.254 3128 19:22:28 202.28.25.162 8080 19:22:06 202.28.24.98 8080 19:21:26 202.28.25.50 8080 19:21:11 204.180.48.2 8080 19:20:55 202.28.25.124 8080 19:20:09 202.28.25.57 8080 19:19:44 praha.vzh.cz 3128 19:19:34 202.28.50.193 8080 19:19:20 200.54.149.210 8080 19:18:58 202.28.50.229 8080 19:18:43 orfeus.svos.ipex.cz 3128 19:18:34 202.28.54.254 8080 19:18:03 202.28.58.105 8080 19:17:46 ghost.spacecom.cz 3128 19:17:38 202.29.14.3 8080 19:17:24 202.29.14.4 8080 19:16:38 202.29.14.65 8080 19:16:20 213.40.67.66 8080 19:15:59 202.29.32.1 8080 19:15:43 202.29.80.10 8080 19:15:08 202.29.37.1 8080 19:14:42 presfa.lnk.telstra.net 8080 19:14:40 203.172.23.99 3128 19:13:35 207.115.179.10 3128 19:12:26 208.137.141.29 3128 19:12:06 208.213.223.250 3128 19:11:48 211.46.115.130 3128 19:11:44 210.240.18.1 8080 19:11:17 202.29.15.4 8080 19:11:07 210.240.30.129 8080 19:10:53 199.3.237.2 3128 19:10:16 mail.barneyfilms.com 8080 19:09:26 204.180.48.2 8080 19:09:27 cache.btinternet.com 8080 19:08:22 gogo.aquasoft.cz 8080 19:08:01 ns2.rosugol.ru 3128 19:06:44 wwwcache.uhi.ac.uk 8080 19:07:46 64.34.188.25 8080 19:07:11 212.34.39.161 3128 19:06:04 proxy.pop-rio.com.br 3128 19:05:35 cache-b.interl.net 3128 19:05:17 gateway.bst-servo-technik.com 8080 19:04:52 sirius.idacom.net 3128 19:04:14 proxy0.openoffice.ch 3128 19:03:10 202.58.199.122 3128 18:58:58 orfeus.svos.ipex.cz 3128 17:45:28 ms.eco.cz 3128 17:45:04 I metromat.horice.cz 3128 17:44:57 211.250.81.124 8080 17:44:37 ftp.umhk.cz 8080 17:44:27 200.41.85.25 3128 17:43:31 200.40.37.209 3128 17:43:13 200.25.13.131 3128 17:43:03 200.248.190.50 3128 17:42:36 superfly.bordercity.com 3128 17:41:20 200.21.227.60 3128 17:42:19 200.203.140.195 3128 17:42:08 kia-ts2-2500.tpgi.com.au 3128 17:41:50 servidor.cadem.cl 8080 17:41:34 216.167.117.148 8080 17:41:10 firewall.nscs.com 8080 17:41:03 orion.venco.com.pl 3128 17:40:15 ns.prosoft.com.pl 8080 17:40:07 ce1-eth0.icm.edu.pl 8080 17:39:57 gateway.cocosperth.com 8080 17:39:43 galaxy.cvpc.edu.ph 3128 17:37:12 webcsh.jonet.com 3128 17:37:41 bess2.li.net 8080 17:36:58 squid6.uhi.ac.uk 8080 17:36:22 office.iptelecom.net.ua 3128 17:34:35 212.98.137.82 8080 17:35:14 ranco.ulagos.cl 3128 17:35:06 hemhart.gw.bit.net.au 8080 17:34:59 pmh.co.za 3128 17:34:05 CST h066060045002.isol.net.ar 3128 17:33:57 menatep.stl.ru 3128 17:33:41 CST 63.166.194.67 3128 17:33:34 redcom.tres-com.com 3128 17:33:25 nibong.riy.ac.th 8080 17:33:15 uswb124.isomedia.com 8080 17:32:54 tur.vris.net.ua 3128 17:32:26 ann.phys.sci.osaka-u.ac.jp 3128 17:32:13 shiokawa.y-min.or.jp 3128 17:32:02 mtd.champ-j.co.jp 3128 17:31:51 203.56.134.236 8080 17:31:30 203.93.185.252 8080 17:31:18 209.20.170.227 8080 17:31:06 uhuru.uni.opole.pl 8080 17:30:49 200.17.141.45 8080 17:30:39 80.76.0.40 3128 17:30:31 210.111.235.162 8080 17:30:16 210.96.12.251 8080 17:29:53 210.96.10.3 8080 17:29:36 chps.tcc.edu.tw 3128 17:27:50 193.171.90.202 3128 17:27:39 196.25.143.222 8080 17:26:08 196.25.155.210 8080 17:26:00 193.15.237.3 8080 17:25:51 200.21.215.241 3128 17:25:37 lon-proxy.intensive.net 8080 17:25:29 195.126.209.194 8080 17:25:21 193.15.237.6 8080 17:25:12 202.14.117.2 8080 17:24:09 203.25.188.11 3128 17:23:50 211.34.136.161 8080 17:22:27 llsou.worldonline.cz 3128 17:22:04 thehal.lnk.telstra.net 3128 17:21:21 sushi.lakes.com 3128 17:21:11 moloch.3dmedia.it 8080 17:20:41 kondor.mpiew-jena.mpg.de 3128 17:20:01 dialina3.qconline.com 8080 17:19:54 205.235.5.147 3128 17:19:07 212.184.170.227 3128 17:18:56 212.19.41.31 3128 17:17:38 212.216.22.69 8080 17:17:15 212.199.26.42 8080 17:16:51 cache-fxp0.sdnap.caida.org 3128 17:15:38 proxy1.hrz.fh-zwickau.de 3128 17:14:49 CST radius.intnet.td 8080 17:14:41 proxy.cse-online.de 3128 17:14:34 cache1.picknowl.com.au 8080 17:14:25 iservice-gera1.m-logix.de 3128 17:14:08 210.117.65.45 8080 17:13:38 210.103.26.132 8080 17:12:57 202.28.50.199 8080 17:12:02 atm1-0-core.artcom.pl 8080 17:03:22 dns1.simple-net.co.jp 8080 17:02:33 ns.gurukun.co.jp 8080 17:02:25 ns01.ymm21.co.jp 8080 17:01:45 152.101.48.28 8080 13:12:10 63.166.194.67 3128 12:54:48 62.176.113.130 8080 11:42:59 CST mail.novatronic.com 3128 11:26:57 dns.lumberjack.com 8080 11:14:47 benefit.bm.anet.cz 3128 11:00:01 195.231.103.130 1080 08:19:42 203.213.0.3 3128 07:35:03 tow-ts1-2500.tpgi.com.au 3128 07:33:55 64.2.39.98 3128 07:33:17 212.127.134.127 8080 07:15:43 203.197.94.133 3128 06:50:11 correo.novatronic.com 3128 06:45:24 cache02.onetel.net.uk 8080 06:37:45 wml.whereryou.com 3128 06:35:50 mez.com 8080 06:35:14 211.248.211.195 1080 06:29:09 202.155.1.2 8080 23:39:41 cache.vertis.nl 3128 19:04:45 wwwproxy.xs4all.nl 8080 12:44:21 202.58.199.179 3128 09:11:30 202.58.199.124 3128 08:57:18 cache.unice.fr 8080 08:36:03 cache3.neti.ee 8080 08:13:43 cache2.neti.ee 8080 08:13:14 cache3.estpak.ee 8080 08:12:45 cache2.estpak.ee 8080 08:12:24 proxy.cilea.it 8080 06:56:24 cache-har.cableinet.co.uk 8080 18:45:35 62.176.113.130 8080 18:22:21 miro 213.36.82.226 8080 16:51:01 roset.sookmyung.ac.kr 8080 16:37:24 203.251.21.200 8080 14:49:43 server2.ircom.com.ar 1080 13:37:59 bryan.resmaster.com 1080 13:37:40 webmailserv.centuriononline.com 1080 13:37:04 firewall.union-gas.com 1080 13:36:30 post.crosna.ru 1080 13:35:39 dns.lumberjack.com 8080 13:34:06 202.58.199.122 3128 11:25:01 213.36.140.190 8080 10:50:15 213.36.140.166 1080 10:49:18 213.36.131.116 8080 10:47:42 213.36.131.72 8080 10:46:39 213.36.130.78 8080 10:41:25 213.36.130.38 8080 10:41:03 213.36.129.63 8080 10:40:31 213.36.129.50 8080 10:39:43 213.36.127.1 8080 10:38:16 213.36.124.88 8080 10:37:55 213.36.122.227 8080 10:37:01 213.36.122.178 1080 10:36:03 213.36.120.250 8080 10:35:19 213.36.120.201 8080 10:34:56 213.36.119.69 8080 10:33:09 213.36.116.174 1080 10:30:11 213.36.101.185 8080 10:26:04 213.36.101.186 8080 10:25:49 213.36.101.178 8080 10:25:32 213.36.101.177 8080 10:25:19 gate.walter-hebel.de 8080 10:25:00 213.36.101.44 8080 10:24:58 213.36.101.43 8080 10:24:43 213.36.101.41 8080 10:24:26 213.36.101.42 8080 10:24:12 213.36.100.210 8080 10:23:53 213.36.100.209 8080 10:23:35 213.36.98.8 8080 10:21:53 |
| You need proxies in order to buster? NO! There's another way :) (17/01/02 23:40:43) | |
:) http://spots.flatland.com/ripperzcrewz/cc.htm |
| might be worth a look (18/01/02 02:46:16) | |
a few seem to have expired unfortunately :-( |
| Re: might be worth a look (18/01/02 03:01:00) | |
|
| Re: Re: might be worth a look (18/01/02 20:49:28) | |
just a few extras to add to your already great list... some of these are repeats as we know some people have user/pass out in the open and the tricks are to create keywords to capture them... and one bread crumb leads to another I will refrain from hyper links here (sorry) line broken, rebuild it http://www.google.com/search?q=cache:G5G2uBqcAC8C:homework.syosset.k12.ny.us /onlinedbs/HBTDatabases/+%2Blibrary+%2Busername+%2Bpassword+sirs&hl=en it seemed to me while glancing at the returns another idea hit me... Notice in your sirs returns that the USER begins "NY#####" well while looking at this page (at googles above url at the 5th link): line broken, rebuild it http://www.google.com/search?q=cache:G5G2uBqcAC8C:homework.syosset.k12.ny.us /onlinedbs/HBTDatabases/+%2Blibrary+%2Busername+%2Bpassword+sirs&hl=en (more userpasses :) however my point (sorry) .............at the very last link at CERF it says...New York State standards N Y......New York? a new York User-Number? would that then mean that california would have CA#####...? http://www.google.com/search?hl=en&q=%2Blibrary+%2Busername+%2Bpassword+sirs+CA yep! :) ...seems to be a california and a massachuttes number on the first page.... now i am having no luck accessing sirs as it kicks me out as recognizing my ip (oooppss) but the resources in googles returns have lots more userpasses to other places as my bonus :) line broken, rebuild it (http://www.google.com/search?q=cache:5OZy1PfS59kC:web.aacpl.lib.md.us /bestsites/magazines.htm+%2Blibrary+%2Busername+%2Bpassword+proquest+Welcome&hl=en) ahh... so we get proved correct in this above case...this person has the same usernamepass at many sites! (I tested one and got thru... http://proquest.umi.com/pqdweb?RQT=306&TS=1011372558) I see where you got that RQT now at least loki :) .............http://www.google.com/search?hl=en&q=+site:proquest.umi.com+RQT%3D notquiet sure what all that is but looks like 341 gets in...same as above one though...heres a different number though; goes to an author search page http://tpdweb.umi.com/tpweb?RQT=810&TS=1011382089 using the search gave me returns... so seems to work so if we now search for the userpass and we get some more lists of access-links http://206.15.40.17/bestsites/databases.htm can someone double check this one for me... am I actually gaining access to sirs; or only some subdivision of it? http://www.nassaulibrary.org/lynbrook/yourhomedata.html ... click on the hyperlink at the bottom of page which includes a user number to sirs ... or go direct to line broken, rebuild it http://sks10.sirs.com/cgi-bin/hst-frontpage?CUSTNUM=NY0433&STARTPAGE= none&RES=Y&WCN=N&LNK=N&REN=N&GOV=N&DIS=N&T=1011379935&C=1879448903 looks like maybe access to me..?? .the links work anyway...some more url words to play with though eh loki? :) now that is something to note also... this is the second Library today where the user and pass were the NAMES of the Library itself ... this one was lynnBrookepl (lynn brooke Public Library) and one above was the Arundel Library)... hummm barcode library Card numbers... hummmmmm so many damned places and users and passes now i can't even seem to begin to begin :) just as 'members' was a keyword for p o r n sites Library (as loki saw) seems to be a great key for schools so much to do and so little time |
| Re: might be worth a look (18/01/02 23:53:31) | |
but gave instructions how to do so not just a link. And i think your right its all on the username, city/library/college/school, passes are normally simple, you search for the usernames below u get the districts using them, so there might be a code somewhere, zip mixed with something maybe? I'll look into it more tomorrow. Electric Library EDUMark http://www.elibrary.com/s/edumark/ User: SUBCHJWJ06417 Pass: 12345 INET Library http://www.inetlibrary.com/ User: BCHJWJ06417 Pass: 12345 Electric Library Plus www.elibrary.com/s/plus/ User: subanna45302 Pass: 12345 |
| Re: Re: OMGawd (19/01/02 03:07:58) | |
while searching for wierd combos of passwords ie: 11111 22222 abcdef etc... (yes they do exist) I happened to try states; one I tried was password:alabama i think only 2 returns...one was a Huge porn listing with user passes line broken, rebuild it http://www.google.com/search?q=cache:smLJ0fQKsTkC:afs4.njit.edu /~axs5902/porn.txt+username+Password:alabama&hl=en I saw something strange scanning the list, a guy had listed his user as: blablabla@hotmail.com password is ---- then I saw more of them yup---- u guessed it ....one of the guys was lazy and used his real account password ...http://www.google.com/search?hl=en&q=majinar%40hotmail.com see roscoe? not that I tested it but geeeeeeeeeeesh the guy has over 700 porn mails in there whewwww :) wonder how many of those @aol.com guys on the list with passes were lazy guys? |
|
|
|
Schon haengen die Lampions wie bunte Trauben An langen Schnueren ueber kleinen Beeten Den gruenen Zaeunen, und von den Staketen Der hohen Bohnen leuchtend in die Lauben |
Password_1: ShdLwbT Password_2: AlSukB Password_3: ShdLwbTAlSukB SuperPassword_4: ShdLwbTAlSukBDgZuvdSdhBlidL |
| (Georg Heym) | |
|
|
