Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 31
Guests Online: 24
Members Online: 7

Registered Members: 82878
Newest Member: defcon812
Latest Articles

Making Use Of AccessDiver

Arrow Image Using the freeware program AccessDiver to remotely run dictionary attacks on websites.



Ever wondered how porn-site cracking rings do what they do? Ever wanted to break into a remote password protected folder or test the security of your own protected folders? Here I\'ll walk you through a typical dictionary attack with Accessdiver.

First, you will need to download the program, naturally:
http://www.accessdiver.com/downloads.htm

Also download or create some wordlists:
http://www.theargon.com/achilles/wordlists/
http://wordlist.sourceforge.net/

Now, you need to find a target. AccessDiver can handle both Basic Authentication and HTML Form methods, but for today we\'ll be focusing on Basic Authentication, since it\'s rare to find vulnerable HTML Form logins.

So what is Basic Authentication? When you go to view a password protected folder, a box will pop up with a username and password input. You\'ve probably seen this already in one of the basic challenges (but don\'t even think about applying the methods taught here to this site, as they are STRICTLY prohibited in the rules!).

Alright, so lets get to the dirty work. Fire up your shiny new program. First thing you should do is go to the \"My Skill\" tab and set it to \"Expert\". Don\'t get scared now, its not as difficult as they make it out to be. Now, enter the URL of the folder you\'re trying to crack into the green field named \"Server\".

For Example:
http://www.vulnerablesite.com/foldertocrack

Sometimes it may not be a folder, but a subdomain.

For Example:
http://members.vulnerablesite.com

Next, load in your wordlists. Their default list is an interesting experiment, but won\'t always produce the stunning results a much better one will yield. If you know the username, you can fill a wordlist with just that username and try to match that against a wordlist of passwords. Otherwise, you can try matching two of the same wordlists together to take advantage of situations where the username and password may be the same (more common then you would think!). Be creative!

Now, DON\'T GO TESTING ANYTHING YET!

Think now, as to how you might feel if you had tested that server with thousands of requests from your OWN IP ADDRESS, and showed up clear as day in the servers logs where your intentions would be obvious to even the dumbest of webmasters. Before you can say \"hello officer\" you\'re slapped with a fine or a possible jail sentence.

So as you\'ve probably already guessed, we\'re going to get around this using PROXIES. AccessDiver has a very nice way to collect, test, and apply proxies from the web. The success of your operation relies heavily on the proxies you choose. Make sure \"Use web proxies\" is checked in the \"Proxy\" tab.

GETTING PROXIES:
Click on the \"Proxy\" tab and then \"Web Proxy Leecher\". You can also use the \"Proxy Hunter\", but that\'s more difficult and I rarely use it. Type in the \"URL\" field any of your favorite proxy listing sites (www.proxy4free.com/page1, etc), add them in to the list and press \"Start Leeching\". If all worked as it should have, you should see a sizable list of proxies in the black field to the right. Otherwise, try another web page. Click on \"Add these proxies in\" and make sure to press the \"Add to PROXY ANALYZER\" tab, as testing your proxies is the next crucial step.

TESTING PROXIES:
You should see your list of proxies labeled \"leeched\" in the \"Accuracy\" field. Make sure they\'re all selected, and press the \"Speed/Accuracy Tester\" button. When those are finished testing, right click the selected block and press \"Remove timeouts and bad results\". Now, and this is crucial, REPEAT THIS PROCESS AT LEAST THREE MORE TIMES. Some of the proxies may be unstable, and you need to pick the cream of the crop for your high demand needs. Once you have some good proxies, you should check them for anonymity with the \"Confidentiality Tester\". Make sure you have a checking site selected in the \"Anonymity Checker\" tab before you go about doing this. Good, now you have some fast, anonymous proxies. Select them and press \"USE Proxy\" and \"Add into my proxy list\".

I\'m not going to write about the \"Settings\" tab here, you should be able to read up and figure out which settings work for your particular situation.

Alright, you\'re ready! Wasn\'t so bad was it? Click the \"Test Basic-Authentication\" button and watch your strings scroll! When a weak login is found you will hear a noise and the corresponding username and password will be listed under \"Found Logins\". On some sites, redirections will also be weak logins, and then again sometimes all tries will return redirections, it depends on who you\'re trying to crack. Sometimes you may receive FAKE replies, which usually means the basic authentication is set to lock-out IP addresses after a certain number of incorrect tries. Pay close attention to the response you\'re getting from the server and act accordingly. You will learn a lot from trial and error.

Most problems with cracking will come from the proxies you are using, the program will remove them after enough timeouts during cracking, but this means you\'re losing possible weak logins that didn\'t get through. Make sure again that your proxies are the best of the best and remove them when they start to act up during cracking.

Hope you enjoyed this, keep in mind that this is only a tool, not a complete substitution for knowledge. Read up on exactly what you\'re doing before you go pushing buttons and clogging up information pipes. And I will restate that you should NOT apply the methods shown in this article to anything on HBH. Ever.

Regards,
_LLOH_

Comments

midoon April 11 2007 - 22:22:00
it's a very nice articleWink
Folk Theoryon April 11 2007 - 22:46:09
yeah lets all be SSSSSKKKKKKK no thanks
lesserlightsofheavenon April 11 2007 - 23:03:51
You can always code your own if you have the knowledge. This was clearly written for the average user who wants to experiment with remote password cracking rather then the seasoned code warrior. Pfft
wolfmankurdon April 12 2007 - 00:49:42
nevah heard of accessdiver. Folk Theory, using this isnt sk. depend son how you use it. In effect it's the same as cracking a hash.
Zephyr_Pureon October 14 2007 - 18:56:14
Well, it's an article about using a security tool. For the people above worried about being a SK... just code your own tool and use that. Otherwise, just stfu and appreciate it like you people appreciate the JtR and Cain articles. The article did what it set out to do, which is more than I can say for 90% of the garbage that gets approved.
spywareon November 06 2007 - 14:48:01
LMAO. I bet when you all are rooting something you'll use Nessus to scan the box, and metasploit to find to exploits. So who's the SK? SKs don't know how and what they are doing while using a program like this, that's the difference between them and "real" hackers.
DigitalFireon November 29 2007 - 00:10:48
good read, thanks lesser
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.