Your browser does not seem to support CSS. If images appear below, please disregard them.
toggle
May
S M T W T F S
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31
Sponsored Links
Latest Postings
Topic Options
Rate This Topic
#6678 - 06/29/03 06:02 PM Brute Forcing .htaccess
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Gremelin Offline

Community Owner

Joined: Feb 2002
Posts: 7,194
Portland, OR; USA
Ok, I'm getting tired of seeing "How do I hack into a porn site". First off, the majority of "secure" "porn" sites use .htaccess for their authentication. In otherwords, if you see a little box pop up that sais "password" and "username" chances are it's .htaccess and .htpasswd that are blocking your way to your 20 seconds in heaven with Mr. Sock (or Ms. Mommies Panties, whatever floats your boat).

Now, how .htaccess looks is as follows:
Code:
AuthUserFile /var/www/html/members/.htpasswd
AuthName Paid Member 
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>
See that, pretty fucking basic 'eh? And I'll bet you that the majority of 'em look the same fuckin way too...

Now, the .htpasswd file looks totally differant, the passwords are encrypted, the username is not...

Code:
gizmo:gikZbrq7ZFQJ.
gizzy:gieKOUmNNB7go
giz:giL8X53UiINbs
neo:nenIgi4UdbW.M
weeve:we7dyaNzlm.Ag
newbies:neZgxh60ynKGU
See, the thing is, you don't need either of the two files to bruit force a thing... Their just given here as an example of how things work (when you learn, thats how you learn, otherwise you get left behind).

Now, theirs really only a couple of things you need...
1. A couple of proxy servers (if you want to remain anonymous, but lets be honest, you're goinna end up cracking some porn sites, wtf is goinna try to bust you for porn?)...
2. A bruit force program (We reccommend http://www.accessdiver.com for all of your Bruit Force needs)...
3. A members URL which uses .htaccess (for example: http://www.yourvictem.com/members/ )
4. A wordlist (you're on your own there, my wordlist is my baby).

Basically, in AD you load your wordlist, load your proxys, drop in your URL, click standard. After many hours of grueling work, if you have a good wordlist, you'll have a user/pass...

Now shur the fuck up with that damned question and go play with Mr. Sock.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
Sponsored Links
#6679 - 06/29/03 10:56 PM Re: Brute Forcing .htaccess
Joined: Jun 2003
Posts: 807
Ghost Offline
UGN Super Poster
Ghost Offline
UGN Super Poster

Joined: Jun 2003
Posts: 807
Wisconsin
How would you go about requesting these files?

Top
#6680 - 06/30/03 12:37 AM Re: Brute Forcing .htaccess
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Gremelin Offline

Community Owner

Joined: Feb 2002
Posts: 7,194
Portland, OR; USA
you're pretty much on your own there... We'll teach you to do some stuff but we won't hold your hand while you piss...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
#6681 - 06/30/03 02:47 PM Re: Brute Forcing .htaccess
Joined: Mar 2002
Posts: 505
Crime Offline
UGN Super Poster
Crime Offline
UGN Super Poster

Joined: Mar 2002
Posts: 505
Tartarus

Top
#6682 - 07/02/03 04:52 AM Re: Brute Forcing .htaccess
Joined: Jun 2003
Posts: 807
Ghost Offline
UGN Super Poster
Ghost Offline
UGN Super Poster

Joined: Jun 2003
Posts: 807
Wisconsin
ahem thanx ahem

Top
#6683 - 07/05/03 05:04 AM Re: Brute Forcing .htaccess
Joined: Nov 2002
Posts: 43
vendicate Offline
Junior Member
vendicate Offline
Junior Member

Joined: Nov 2002
Posts: 43
Some porn sites have *hidden pages*

Use intelltamper, it looks in all the possible directories of the website http://www.intellitamper.com/

Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,194
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums46
Topics45,743
Posts80,911
Members2,157
Most Online1,567
Apr 25th, 2010
Top Posters(All Time)
UGN Security 38,907
Gremelin 7,194
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Newest Members
Herbert_Sherbert, codemauve, Lillysdragon1984, Brewwit, boa
2157 Registered Users
Who's Online Now
0 registered members (), 4 guests and 2 spiders.
Latest News