New to hacking, need help
-
- n00b
- Posts:2
- Joined:Mon Mar 06, 2017 2:19 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
How do I use Brutus? Not a specific function, just all of it. I'm trying to at least get it to grab my own tumblr account so I can make sure it works and works well. If it's not good to use anymore, what would you recommend and are there any tutorials? I plan to be a white or grey hat hacker.
- Cool_Fire
- Not a sandwich
- Posts:1913
- Joined:Fri May 09, 2003 1:20 pm
- Location:41 6d 73 74 65 72 64 61 6d
- Contact:
Re: New to hacking, need help
Don't. Write your own (for the reason of understanding what's going on) or failing that, use THC-Hydra.Vanux wrote:How do I use Brutus?
Very globally, it just tries username and password combinations until it finds one that works. Essentially everything in there is to configure what protocols and functions you want it to use. (This is pretty much the same for Hydra btw.)Vanux wrote:Not a specific function, just all of it.
It probably never will. Maybe if you give it one username and two passwords to try it won't trigger their brute force protection, MAYBE.Vanux wrote:I'm trying to at least get it to grab my own tumblr account
It's often not so simple to get it to work on modern websites. It requires quite a bit of knowledge about how HTTP works in general to figure out exactly what and where to send your auth attempts. And even then you'll often be dealing with things like CSRF tokens, which Brutus simply has no way to deal with.Vanux wrote:so I can make sure it works and works well.
Brutus' last update was some 17 years ago. Needless to say websites have changed since then and a lot of protection measures modern websites have are just not supported. And even when it was new, it still wasn't THAT good of a tool. Also pretty much any sensible modern website will have protection measures preventing you from just trying usernames and passwords endlessly. Generally they will start blocking you for a while after 3 to 5 failed login attempts. See my earlier response on what I'd recommend.Vanux wrote:If it's not good to use anymore, what would you recommend
There sure are! I would point you got Google, but that shtick is getting pretty old. I'll pick a short write up on the basic usage of hydra ... almost at random; https://github.com/radicallyopensecurit ... ing/onlineVanux wrote:and are there any tutorials?
Great! We need more. But I'd say take quite a few steps back and start with way more basic computer science and programming stuff. Hacking isn't about pointing tools at a website and hoping for the best. You need to know more about the system than the person that made it so you can spot the mistakes they missed. Then you know what and how you can attack, and THEN you can effectively use a tool to just make it easier for yourself.Vanux wrote:I plan to be a white or grey hat hacker.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
Hackerthreads chat, where the party is going 24/7.
-
- n00b
- Posts:2
- Joined:Mon Mar 06, 2017 2:19 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: New to hacking, need help
That's...quite a bit of info for me to take in, but...hey, I'm new as hell, so I'm not really surprised.
ooooh boy...
ooooh boy...