Page 2 of 10

Posted: Tue Nov 07, 2006 9:19 am
by Luchux
Hi buddy I'm new in the forum!
Some times ago, I get an friends ip doing what genix1314 posts. We were chating in msn, and I had got the apache web server running on my pc, with some pages i was making... so I pass an url (i had got virtual hosts), to my friend, he access my web, and then his ip was in the logs of apache in /var/log/httpd/access-log (in my trustix server).

That kind of hacking, obtaining ip in this way, is a social hacking. Its very useful.
If you haven't got an apache web server, You could try another client-server service in your pc, and if it not write logs, you could sniff your connection. Remember that may be the client connected to your ip is connected throw a proxy or a gateway, and the ip you get is the proxy one.

Well, try something, and tell here your results! :D
bye bye
pd: Sorry my English, I speak Spanish (I'm from Argentina).

Access Diver help

Posted: Thu Nov 09, 2006 1:19 am
by ricknasty
I am a newbie here at hthreads.org. I just installed Accessdiver and read some tutorials on it, pretty straightforward, I figured out the Proxies section, however I am having problems with wordlists. After I load my wordlists combos and proxies, I start the brute force, but get no results... I've tried thousands of different wordlists. Can somebody give me some pointers on how to get the best wordlist combos. Also, how many words should I load...Should I load the same words on the username and password. Does accessdiver automatically find the combos of your words for username and passwords? Right now I am wasting all of my proxies because I get no results and have to start all over again!! Please help...

Re: Access Diver help

Posted: Thu Nov 09, 2006 4:13 pm
by NoUse
ricknasty wrote:I am a newbie here at hthreads.org. I just installed Accessdiver and read some tutorials on it, pretty straightforward, I figured out the Proxies section, however I am having problems with wordlists. After I load my wordlists combos and proxies, I start the brute force, but get no results... I've tried thousands of different wordlists. Can somebody give me some pointers on how to get the best wordlist combos. Also, how many words should I load...Should I load the same words on the username and password. Does accessdiver automatically find the combos of your words for username and passwords? Right now I am wasting all of my proxies because I get no results and have to start all over again!! Please help...
Dictionary attacks are not guaranteed! There are billions of different combinations that are out there. And think about this, a combo list that has 100,000 different combinations is still probably less then 1% of all possible combinations.

You need to actually use some intelligence in determining what kind of word list you should put together. Ask yourself "What is the website/forum/etc.. about?" If it's about mountain biking, isn't likely that the user base is going to be familiar with it? So try to find a word list that pertains to outdoors, biking, mountain biking, etc.. That's the general idea you need to use when trying to compile a list.

Posted: Thu Nov 09, 2006 4:24 pm
by PrettyPlease
OK so

1) I am peed off
2) I am no hacker
3) I dont want to make a career out of hacking

My prob is the following; an underground board has been established on a vBulletin 3.5 board that I use and its sole use is to slag off users of that board and another and I KNOW 100% that it is being used to discuss me and my friends (dont worry, I am no child, I am over 30!)

I know the usernames of the people involved but I cannot brute force the passwords as you only get 5 tries (think I am right there). However, I havent persevered with trying various passwords as I am concerned that the admin of the site will be able to trace these failed log in attempts to me.

So questions are:

1) CAN admin trace failed log in attempts to an IP address?

2) Anyone know a way for me to search for passwords of the users I know are using this hidden board?

3) Should I just grow up and not care that my good name and reputation is being slandered :?

Could be an interesting project for someone with more time than me! I have hummed and hahed about this as my account on the other board has already been hacked and exploited (my fault, crap pw) but I dont want to expoit anyone or cause havoc, I just want to read what has been written.

*ducks ready for the rock throwing*

Posted: Thu Nov 09, 2006 4:35 pm
by netphreak
You're worried about your name being "slandered" on an underground forum on the internet?

And as far as I can tell, you're not even fully sure that you're being talked about. Sounds like little kiddie drama to me. Let it go.

Posted: Thu Nov 09, 2006 4:41 pm
by PrettyPlease
Thanks but I am aware that it is going on as a third party has seen the evidence - the people involved are supposedly friends of mine - call it childish if you like, they are, I am not, but I feel I have a right to know exactly what is beng said! This isnt just some chat site, its regarding business and the good name I have created for myself - its simple jealousy but hey, it would piss most people off too!

Posted: Thu Nov 09, 2006 6:14 pm
by netphreak
Then if it has you so pissed off, why not ask the admin?

Posted: Thu Nov 09, 2006 6:22 pm
by PrettyPlease
Because unfortunately admin is a part of it - anyway, best let it lie or go round one of their houses, drug them and log in that way :wink:

Posted: Thu Nov 09, 2006 10:27 pm
by Pleo
Dude, deal with it. Your name is going to endure slander at some point. Your response to their behaviour isn't indicative of a thirty year old, so I would suggest developing a little emotional fortitude.

Here is the advice I was given when younger "Ignore them and they will stop", loosely translated "build a bridge and get over it."

If you can't deal with the fact that they are doing it apply for an injunction to have the activity stopped ... courts are there to escalate poorly financed private wars.

Posted: Thu Nov 23, 2006 3:43 pm
by foxman
Hello Guys,

Sorry for posting my request here, but I preferred to do so to prove that I've read this thread before requesting.

I need to know simply how to crack a hotmail account? Yep your right, it's stupid request, but since I'm new member, I need just to be guided which threads or web pages I should read no more, that's it guys

waiting for your responses

Posted: Thu Nov 23, 2006 4:25 pm
by Nullset
http://www.searchlores.org

I didnt gave you a google link coz i thought you wont be intelligent enough to use google and moreover i wanted to help you. but still people here dont teach you how to hack hotmail so try somewhere else and spam some other forum.

Posted: Thu Nov 23, 2006 11:27 pm
by netphreak
If he had read the rules, then he would've known that asking for help hacking hotmail is in said rules.

Posted: Sun Dec 10, 2006 3:52 pm
by Randanon
Hello, I am a Newbie.

I have looked extensively through Google (maybe I just suck at Googling), but I can't find a Windows compatible tool that can:

1. block packets from being sent
2. allow user to edit the packet data
3. resend the packets

This would be very helpful to me, many thanks if you can help.

Randanon

Posted: Wed Jan 03, 2007 10:59 am
by NickdebinkNL
Nice tut.

didn't know where else to put this

Posted: Sat Jan 06, 2007 2:28 am
by illmatic
A person on a website has been stealing my graphics and I would like to hack their account to delete my works. The current TOS on the website don't offer any reprimations for such incidents, which is why I have turned to hacking. Obviously I'm new at this, so please go easy. I have read the tutorial on Password Stealing but have a few questions in reference to the link offered to explain BruteForce.

First off, the links for the dictionary/password lists or what have you are defunct so is there any way I can be directed to a working address? If not, I would like to have suggested key terms I should enter in Google to locate one.

Two.. there is a line in the tutorial that confused me somewhat. Under CH. 2 for Http, it says this :

``For this target we will put that into the Primary response field Once this
is done, we click ok, add the IP into the Target Field and start our crack.``

Okay... one, what exactly does start the crack imply? Do I have to manually do more work or is the program going to render me a working pw? And two, when they say add IP into the target field.. do they mean mine or am I supposed to have the IP address of the person I want to hack?

Thanks in advance.

Posted: Wed Jan 10, 2007 9:29 am
by BattousaiX
Illmatic, I don't get your thought process.

Bandwidth stolen happens everywhere, yet you want to go overboard by removing an account.

I would suggest researching rewrite rules and .htaccess for blocking image linking to your site.

Here is an example.

http://www.clockwatchers.com/htaccess_images.html

Someone doing anything else to post to your topic to help you in destruction would only increase your chance of becoming a script kiddie and caught rather fast.

Posted: Wed Jan 10, 2007 9:45 pm
by illmatic
Though I appreciate the help, you did not read very carefully at all. I did not say they were hot-linking which would be how my bandwidth is stolen. What I said is that they stole my graphics. Also, nowhere did I say I wanted to delete their account. I stated that I would like to delete MY graphics from their account. And last but not least, this is probably more my fault than yours, but I did not indicate that they were stealing from "my site". It is not a traditional website in the sense of me owning my domain but rather a journal site. (This is why I said THE website -- not my website -- does not offer any reprimations for those who steal people's work via their Terms of Service due to the fair use copyright law.) I'm not going "overboard" in my thought process, as I do not intend to "hack" for malicious purposes. I like to make graphics, dedicate a lot of time in doing so, and someone has stolen nearly 50 things that I've made. That, to me anyway, is unethical.

Posted: Wed Jan 10, 2007 10:03 pm
by Cool_Fire
Well, if you hold the legal copyright to these graphics, you could just sue them. However, it's doubtfull you copyrighted every bit of work tho, so that's most likely not an option.

It might be a bit too obvious, but have you just tried to e-mail whoever is using them? Just ask them to not use them, or at least give you credit for it or something.

Personally tho, I'd think it'd be pretty cool if someone used my graphics, it's certainly a sign it's being appreciated.

Posted: Wed Jan 10, 2007 10:21 pm
by Aiden
illmatic, I'm not telling you how you can get these already stolen images back, but for future reference if you did indeed create these pictures, here are a few tips you can follow:
(Keep in mind, each as it's own pros and cons, choose the one(s) that are best for you)
Using a digital watermark

A watermark is not actually a mark at all but rather an invisible tag added to an image file. The mark is not evident when viewed on a computer screen or when it is printed. The process was developed for photographers to attach their names and image details for cataloguing and circulation amongst the advertising agencies. Unfortunately the tag may be removed in one of the many graphic applications that support the plug-ins used and offers no protection for creators nor deterrent to copy thieves at all!
Using a transparent layer

Use of a clear gif in a layer over the top of an image was first developed by ArtistScope years ago. Back then most users were still using browsers that did not support layers and the method, although cited by many of the copy cats in this industry, is easily circumvented. [Such as checking the source code for the image name.]
JavaScript and "no right click"

No right click scripts may be a deterrent to newbies on the Internet, but they are merely just that... tools for amateurs, and if anyone really wants your image (even an amateur) they will get it with little difficulty.

[If you want the code for this, I'm sure it's plastered all over the internet.]
Using applets to protect images

There have been many simple image applets offered as "image protection". Without using encryption and domain lock, the protection is only superficial. ArtistScope's strategy offers the most effective protection available where the images are encrypted and domain locked, making them un-viewable away from the owner’s website. It offers protection against mouse click saving, the use of grab type software, and bandwidth theft through unauthorized and direct linking. It is safe from all avenues of copying except screen capture.
These quotes all came from http://www.artistscope.com/techniques.htm .

There are other techniques there, but I picked out the ones that would most fit your needs I think.

NETBIOS LOGIN HELP

Posted: Fri Jan 12, 2007 8:35 pm
by visari
Hello.

I have scaned an ip with gfi languard and i have found the port 139 open.I am connected to this computer and i could copy and delete files but i dont know how to remote login to this Ip.The username is administator and there is no pass (gfi languard information) but i dont know how to login or how to install in the remote computer a backdoor or something else.Please help me