A full search (or "brute force" method ) is a method of solving mathematical problems. Refers to a class of methods for finding solutions by exhausting all possible variants. The complexity of a complete search depends on the number of all possible solutions of the problem. If the solution space is very large, a full search can not yield results for several years or even centuries.
Any problem in the class NP can be solved by a complete listing. In this case, even if the calculation of the objective function from each specific possible solution of the problem can be carried out in polynomial time, depending on the number of all possible solutions, a complete search may require an exponential running time.
In cryptography, on the computational complexity of a complete enumeration, the evaluation of the cryptographic strength of ciphers is based. In particular, the cipher is considered crypto-resistant if there is no "hacking" method that is substantially faster than a full search of all keys. Cryptographic attacks, based on the method of full search, are the most universal, but also the longest.
In English, the term "brute-force", considered in this article, usually refers to the class of hacker attacks. In this case, a more general concept, the mathematical method of exhausting all possible variants for finding the solution of the problem, corresponds to the term "Proof by exhaustion".
In order to get the password to the site, of course without the help of credit cards ,we need
program that will perform brute force, a list of logins and passwords, that is, a Word list or
combo sheet, and to ensure anonymity and more for something - we need a list of anonymous
proxy servers ... In order:
General principle of the program - the program takes the address of the members of the zone,
then from the leaves of the sheet takes a combination of a login-password, forms a request from it, sends a request
actually on the server, but does it through a proxy server, preferably anonymous ... Then the program
receives the server's response and analyzes it ... The purpose of the program is to filter out for us those answers that
match the correct login-password combination and save them ... This is in the primitive ... As a rule
Similar programs have many additional functions that are used during operation
(changing proxy servers, performing specified actions on error, different autopilots, well, etc.)
and used in preparation (proxy checking, sorting of sheets of sheets, checking found
passwords, etc.) ... The program, of course, can send many requests at once, which reduces
time of sorting out a certain number of passwords, that is, your Word Word ... Simply put -
the task of the program to form queries, ensure their rapid sending, maintain the correctness
and the anonymity of these requests, track server responses and keep the statistics we need ...
So that's all we needed to give the program: Word List, proxy list, address members of the zone.
Consider what it is and where to take it
Vord sheet is a text file in which there are variants of logins
and their corresponding passwords ... As a rule, programs for bruteforce use combo sheets that
contain the same data separated by a colon, for example:
email@example.com : 1937fl
and so on...
If you read from the left to the right all that before the colon is the login, all that after that is the password.
The colon is used only as a separator ...
Where do these sheets come from? They can be found in the section about brute-force and scan-lists, download on
other sites, compose yourself, generate the appropriate programs ... General requirements for
good word-lists: sheets should not be too large, opinions vary, but on average this is from
1 to 10 thousand combinations (of course, if you do not intend to scan the site, for example, with a small amount
members and alphabetically, there's really no getting around) ... The sheet should have real passwords, that is
This sheet should be made up of really used passwords to sites ... Of course they should
be correctly composed (syntax), it is desirable not to have repetitions (at least the time of the search
increases in this case) ... Sheets are desirable all the time to update, the productivity of the leaf is often
falls with his "age" ... This is all at least, but in general from the sheet very much depends, for example
I had cases when one sheet of 30000 did not give passwords at all, and another sheet of 1000 gave
dozens of passwords, so draw conclusions ... Let's consider, according to what signs are divided the Word lists:
Thematic sheets are sheets containing passwords only to sites of a certain subject, for example
fetish ... What is it for and what does it give? The fact is that members, that is, users who have committed
a mistake in life and through his credit card bought access to the porn site. often
gain access to several sites of interest to them, while the likelihood,
that they use the same combination of login-password is quite high ... Accordingly, having
The thematic Word of the page and using it for the scanning of the corresponding site we dramatically increase
their chances of finding a password, or passwords ... Thematic sheets are usually smaller in size than regular ones,
while more productive, so it is highly recommended to collect, compile and
use such sheets.
The sheets that meet the requirements of different billing are lists containing passwords that are composed
by rules imposed on the user by a certain payment system ... For example, some system
requires that you use the e-mail address as your login and the digits in the password
at least 4 ... If we want to get a password for this site, that is, to a site on which
this billing is used, then it is more logical for us to scan just such sheets, otherwise we simply
we lose time and risk not to find anything, if for example it will be scanned by a sheet in which in the login
just words are used, and not e-mail. Requirements for different billing were in school.
Sheets, separated by some special features - such as with a login in the form of an e-mail, or in the form
19375843: 1054706, or containing only names, for example, janet: janet, bill: bill, containing,
such as the names of players or actors ... The options are mass, just divide by different characteristic
signs ... Why do you need this? For example, you scanned the site, and saw that among the passwords there are
combinations name: name ... It will be logical to start a sheet with names, the chances of finding more passwords in it
the case is more than just scrapping a sheet, with different passwords and logins ...
Well, probably enough for now, since the sheets can be divided and sorted to infinity
How to compose effective word-lists? Good results are obtained by collecting passwords on the forum ...
The main reason for this - the passwords are fresh and almost all living, working, well, or were those
most recently ... Collect thematic sheets on the forum - for example, a sheet in the section
fetish-bdsm will give unequivocally the best sheet, than downloaded it is unclear from where ... It goes without saying that such
sheets should be used for their intended purpose, that is, if it is fetish-bdsm then they need to be scanned
such sites, and not, for example, on the topic amateurs ... It is periodically useful to make sheets
from the history of its program for bruteforce, if there is of course something there ))
In general, you need to try to update the sheets more often, it's better to collect them yourself, pay attention
on what sheets you find more passwords, of which less ...
In any case, before you start scanning the site, you need to think about the password requirements,
what subject matter and whether you have a thematic sheet such ... What password can often be found out
using, for example, search on the forum or in google dial the address of the members of the site zone and see
all pages containing this word (by the way and a live password can be found) ... The best option -
this is when you think, checked the compliance of your sheet with the passwords that are on the site,
took or compiled a thematic sheet, and if it is fresh and the site is not protected from bruteforce -
your chances of finding the password are very high ...
List of proxy servers
Work through a proxy is necessary for many reasons ... To protect your loved one eg,
to preserve the survivability of the passwords found, because on some sites the password you have found
will work only through the proxy, using which you found it, more precisely when you call from another
a proxy server or without it the password will be blocked at once ... In order to defraud protective
server programs, as on many sites you will not be allowed to go through passwords from one
IP addresses ... In general, to work through a proxy is necessary, there are many reasons for this ... The essence of the proxy:
In short, we are mainly interested in the ability of a proxy to change your IP address ...
When connecting through a proxy server does not determine your IP, of course if the proxy is anonymous ...
The address is replaced with the IP of the proxy itself, or it is not determined at all ... There are many subtle moments,
For beginners it is important to know the basic parameters of the proxy. The level of anonymity is from 1 to 5 ...
It is recommended to use only a proxy with level 1 (highest) and level 3 ...
The rest just delete. Speed - well, everything is clear, like ... if you are not in a hurry,
then do not pay attention, but if yes - remove the slow proxy ...
You can take proxy lists at school, section All about proxy and self-defense, or you can download from others
sites ... You can also look for yourself, but it's not for beginners It's important to take a list of proxies,
after which you need to check it and filter out your server's unnecessary ... Check can be done,
for example, Access Diver'om ... The task to delete first not working proxy, then check for
anonymity and remove the proxy with a low level of anonymity, well, save it to a file
and use ... It is necessary to know that proxies have the property of dying, changing the level of anonymity,
change the speed ... Check should be periodically, the fact of a single check after a few
hours already nothing will not speak ... From the modest experience I know that using a proxy
1 and 2 levels, I almost every day to download a new list and check it ...
Routine of course, but otherwise it will not work ... More about the proxy can be read at school,
the beginner the main thing to understand, that it is necessary to use a proxy, it is necessary to check them constantly,
update their list ...
The format of the proxy sheets is a text file, contains the proxy address and port that is written after the colon:
Address of the members of the zone
Here everything is simple - this is the page where the window for entering the login and password pops up ...
You can take it by going to the site and copying the shortcut (right click on the inscription members and
selecting the copy shortcut) ... If the right button is locked, you can see the address below
in the browser, pointing the cursor to the appropriate link, or click on it and in the appeared
window click "cancel", in this case in the address bar most often remains the url of the members of the zone ...
The school has ready lists of members of the zones of sites, you can take there ... The main thing to give the program
the correct address, otherwise it will swear and write that there is no such address, or such an address
not protected by a password (this happens when for example the main page of the site has an inscription
members, but when you click on it, there is a redirect to another page, an intermediate page, and on it
already there is another link to the real members of the site) ... There's nothing more to write about,
Some tips for beginners
At this stage it is understood that you have an installed Access Diver program,
the installation and configuration of which in the school written a lot and different, there is a list of proxies,
which is checked and sorted, there are wizard (well or sheet) plus time, patience and
the desire to try the brute force in the business ... To begin with, some psychological aspects ...
It is required to understand that bruteforce takes time, sometimes not small time and, accordingly
patience ... At the first attempts it is rather difficult to resist and stop the program
at the first 10.20 or I do not know how many minutes there (depending on the desire and patience)
unsuccessful work ... In order not to be disappointed (mistakenly and unknowingly) in the brute force
immediately, and be disappointed in it then, going to the next step, would advise to begin
with a simple ... Do not immediately grasp the site, passwords are not on the forum, and you
you want to see ... Draw conclusions, if they are not there, then everything is not so simple, and it is quite
it's possible that you will not get anything right ... Vobschem should start with a simple one, it's rather
will give the result in the form of passwords, and that is not unimportant - it will dramatically increase your patience and
confidence in the correctness of actions ... Where can I get this simple? Also everything is easy to solve - be like
on the forum, look at which sites are post surfers, which sites have a lot of passwords from different surfers
and draw a conclusion that once it turns out for others, what makes you worse? Take these sites and try ...
At the very first attempts it is important to get at least some result, preferably at a price not very high
a lot of time ... If you're lucky, you can add the same posts where you took the address
(only search do not forget to use, so as not to repeat) ...
There is another option, the school has, for example, Tolstoy's post (stress on the first syllable, Tolstoy in the field
brute force is not an authority for us ))), which lists the relatively simple sites, as well as
Word list ... It is quite possible to get a hundred passwords for the evening, he tried it, and only then go to
more serious sites.
In general, the main thing at the initial stage of correct actions is to prove to yourself that this
works, gives a real result and is not too difficult, and develop further,
but not try, do not get anything, because of the wrong choice, turn it off
and quit this business ... And the passwords to good sites will not get anywhere from you, you need to wait a bit ...
It should be borne in mind that there are sites on which passwords are poured from Access Diver ...
If you see this - just see what the site is, it is possible that there are two or three dozen
pictures, and the value this site represents only for its creator and the fact that it has
links to other, normal sites ... It's all so cunningly conceived You do not need a dozen pictures,
turn off immediately ... On such a site you can find 500 passwords, they are simply registered there, the most
There are so many of them And even more so do not post them, who needs it?
I'm inexperienced to post a couple of times such, still conscience torments
Probably enough for a start ... I can not describe the program for brute-force, at school everything is there,
and manuals, and tips, and video file, even on Access Diver ... There all is not so difficult, download, read,
and try ... But first read a little at school to do everything right and get the result,
and there it goes by itself
All, I hope someone at least one of the written suggestions will help in the development of bruteforce