c-force tutorial

hi

wäre mal nett wen jemand ein tutorial für c-force machen könnte oder hier im forum genau erklären.

thx im vorraus



ps: mit suchfunktion hab ich nichts gefunden

A)General Cracking Background
1)Types of sites
2)Wordlists
3)Proxylist

B) Getting Started
1)Settings
2)Proxys
3)Wordlist
4)Member?s URL

C) What not to do
1)Settings
2)Steal
A) Cracking also known as Bruteforcing is done by sending mass password guess into an authentication box (by authentication box I mean where you put the user and pass ect.) To bruteforce you need a few things to begin with: a wordlist, fresh proxies,charon (to check proxies), and C-Force of course.

A.1)Types of sites: There are 3 main types of sites out there.

Basic Authenication: pop-up box login like:

hxxp://members.suze.net/area3/index.html
Form: a html page where you manually have to type in the user and pass like:

hxxp://members.clubsupreme.com/private/

OCR (optical character recogization: form login with a box you have type in the secret word for like:

Hxxp://members.trixieteen.com

You are probably wondering which of these can C-Force crack:

1)Basic Authenication
2)Form
3)StrongBox-OCR that says ?Security by StrongBox? at the bottom
A.2) Wordlists: A wordlist is a list of usually commonly used user:pass combinations. You can make your own with either by using Accesdiver to leech sites or use Athena to leech passes. Also, you can just get one off of the forum.

A.3) Proxylists: Proxylist are a list of proxys(ips) that are used to protect your identity/ip.
B)First things first, you need to get the correct settings set for C-Force. That?s what I am here for ;) Settings tell you how to run the site you are attempting to crack. So, Let?s begin:

B.1)Download C-Force off of Deny.de. Then, Load it by double clicking the icon (looks like a little sperm.) Next, click on the Settings tab located between the Pro and Debug tabs.
1) Check all the these:

(1) StopAfter 10 Hits
(2) Autoload Default Proxy List
(3) Skip Proxy Anon Test
(4) Auto-Find Analyze Proxy
(5) Check For Blocking Pages Using Proxy
2) Make sure you have it set to stop after 10 hit because you don?t want to get MASS passwords. You DON?T need any more than 10-15 passwords per site because this will increase security measures such as: proxy eaters, random generated passwords, and the chance of the site switching to OCR. Also, limit your retries to 3 because you don?t want to try it 5 times. There is no need to make retries 5 because: a) takes longer to go through a wordlist B) because its like ?Hay I?m cracking in!?
B.2)Proxys: First, leech some proxys in Accessdiver. Load into to Charon and Test. Save good and anon proxies. Now, that you have done that, you can precede to load the proxies into C-Force by click the Auto Tab, then by click the blue load button. A box will pop-up and you find the directory where your proxys are stored on your computer. Then, C-Force will say it loaded them.
See image #1

B.3)Wordlist: Never use a wordlist that has 15,000+ combos. It will kill your proxies for one. A smaller wordlist is usually better at getting more hits. Click the Load tab beside Combo-list and load your wordlist in from the directory on your computer.
B.4)Members Url: You can get this info by clicking the Members. Put the correct member?s url where in the box where it says members url. The site we are cracking today is clubsupreme.com?the members url is hxxp://members.clubsupreme.com/private/ Type this in and then, click start.

See image #2
The box on the bottom will tell you all the steps that c-force needs to analyze before running. Once it goes through 10 blocking pages. It will start cracking.

See image #3
The normal reply for a form site is 200. The normal reply for a Basic Authenication site is 401. You should start out with 20 bots. Depending on how fast or slow the site is and the kind of errors you get you can up or down the bots. If you are getting a bad server reply lower them for all types of sites. If you are getting 403?s with Basic Authenication lower them. If its running fine and you want to go faster?up them a little. Woohoo, you are officially cracking!!!!

See image #4
C.1) What NOT to do: You are probably wondering what you shouldn?t do. Never check Bruteforce without proxies. If you do your?re an IDIOT. Sitez will block your ip and possibly report you to your ISP. Don?t click Spoof Check=Waste of time. If it was a Spoof you?d be in the members area already. Don?t check use proxy for analyze because you have auto-find analyze proxy checked ;).


[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]


-Educational use only :D-

Karmas gehen auf mein Konto :D

wow..so viel in 7 minuten zu schreiben ist ja ne spitzen leistung^^

aber falsches topic

~moved~

hmm ich bekomme da nie pws usw. T_T

Quote:

Originally posted by killyou@Feb 12 2006, 00:49 wow..so viel in 7 minuten zu schreiben ist ja ne spitzen leistung^^ aber falsches topic ~moved~

wo steht, dass das von mir ist? =D,
außerdem nen bisschen komisch.
Er fragt mich auf deutsch und ich antworte
mit der Anleitung auf englisch? ^^

scheint ja sowas ähnliches wie accessdiver zu sein
hat schon jemand mit beiden tools erfahrung?
wen ja wüsst ich gern welches ihr für besser haltet

Quote:

Originally posted by Leonino@Feb 13 2006, 16:26 scheint ja sowas ähnliches wie accessdiver zu sein hat schon jemand mit beiden tools erfahrung? wen ja wüsst ich gern welches ihr für besser haltet

C-Force is zu 100% besser,
Accesdiver ist zwar nen bisschen schneller,
und ich nehme es auch zum proxy scannen.
Zum bruten aber 100% C-Force!

Der russische Cheamietest, gibts irgendeinen Zusammenhang zum Tutoial? Aber danke!

sorry das ich den hoch pushe bin aber durch's suchen auf den Thread hier gekommen und würde mal fragen ob jemand nen link hatt für einen C-Force finde keinen seriösen bzw. funktionstüchtigen...

Quote:

Originally Posted by sd333221 A)General Cracking Background 1)Types of sites 2)Wordlists 3)Proxylist B) Getting Started 1)Settings 2)Proxys 3)Wordlist 4)Member?s URL C) What not to do 1)Settings 2)Steal A) Cracking also known as Bruteforcing is done by sending mass password guess into an authentication box (by authentication box I mean where you put the user and pass ect.) To bruteforce you need a few things to begin with: a wordlist, fresh proxies,charon (to check proxies), and C-Force of course. A.1)Types of sites: There are 3 main types of sites out there. Basic Authenication: pop-up box login like: hxxp://members.suze.net/area3/index.html Form: a html page where you manually have to type in the user and pass like: hxxp://members.clubsupreme.com/private/ OCR (optical character recogization: form login with a box you have type in the secret word for like: Hxxp://members.trixieteen.com You are probably wondering which of these can C-Force crack: 1)Basic Authenication 2)Form 3)StrongBox-OCR that says ?Security by StrongBox? at the bottom A.2) Wordlists: A wordlist is a list of usually commonly used user:pass combinations. You can make your own with either by using Accesdiver to leech sites or use Athena to leech passes. Also, you can just get one off of the forum. A.3) Proxylists: Proxylist are a list of proxys(ips) that are used to protect your identity/ip. B)First things first, you need to get the correct settings set for C-Force. That?s what I am here for ;) Settings tell you how to run the site you are attempting to crack. So, Let?s begin: B.1)Download C-Force off of Deny.de. Then, Load it by double clicking the icon (looks like a little sperm.) Next, click on the Settings tab located between the Pro and Debug tabs. 1) Check all the these: (1) StopAfter 10 Hits (2) Autoload Default Proxy List (3) Skip Proxy Anon Test (4) Auto-Find Analyze Proxy (5) Check For Blocking Pages Using Proxy 2) Make sure you have it set to stop after 10 hit because you don?t want to get MASS passwords. You DON?T need any more than 10-15 passwords per site because this will increase security measures such as: proxy eaters, random generated passwords, and the chance of the site switching to OCR. Also, limit your retries to 3 because you don?t want to try it 5 times. There is no need to make retries 5 because: a) takes longer to go through a wordlist B) because its like ?Hay I?m cracking in!? B.2)Proxys: First, leech some proxys in Accessdiver. Load into to Charon and Test. Save good and anon proxies. Now, that you have done that, you can precede to load the proxies into C-Force by click the Auto Tab, then by click the blue load button. A box will pop-up and you find the directory where your proxys are stored on your computer. Then, C-Force will say it loaded them. See image #1 B.3)Wordlist: Never use a wordlist that has 15,000+ combos. It will kill your proxies for one. A smaller wordlist is usually better at getting more hits. Click the Load tab beside Combo-list and load your wordlist in from the directory on your computer. B.4)Members Url: You can get this info by clicking the Members. Put the correct member?s url where in the box where it says members url. The site we are cracking today is clubsupreme.com?the members url is hxxp://members.clubsupreme.com/private/ Type this in and then, click start. See image #2 The box on the bottom will tell you all the steps that c-force needs to analyze before running. Once it goes through 10 blocking pages. It will start cracking. See image #3 The normal reply for a form site is 200. The normal reply for a Basic Authenication site is 401. You should start out with 20 bots. Depending on how fast or slow the site is and the kind of errors you get you can up or down the bots. If you are getting a bad server reply lower them for all types of sites. If you are getting 403?s with Basic Authenication lower them. If its running fine and you want to go faster?up them a little. Woohoo, you are officially cracking!!!! See image #4 C.1) What NOT to do: You are probably wondering what you shouldn?t do. Never check Bruteforce without proxies. If you do your?re an IDIOT. Sitez will block your ip and possibly report you to your ISP. Don?t click Spoof Check=Waste of time. If it was a Spoof you?d be in the members area already. Don?t check use proxy for analyze because you have auto-find analyze proxy checked ;). [Only registered and activated users can see links. Click Here To Register...] [Only registered and activated users can see links. Click Here To Register...] [Only registered and activated users can see links. Click Here To Register...] -Educational use only :D- Karmas gehen auf mein Konto :D

Google FTW?

Beim nächsten mal bitte kein uralt Thema ausgraben sondern stattdessen ein eigenes Thema in einer geeigneten Sektion erstellen.

#closed