[taebog]

Not sure if this was the right to post for cracking help.

I'm trying to crack a popup website using sentry and followed the basic tut on youtube.

I followed everything on the video and used Charon to get good proxies and used the combolist here in the forum. Below is the debug.txt

Hit: http://calvo26:1stet...in.com/members/ Proxy: 195.206.38.53:3128 Time: 2/14/2012 12:27:40 AM
--------------------Start Header----------------------------
GET http://www.filthybritain.com/members/ HTTP/1.0
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Opera 7.54 [en]
Host: www.filthybritain.com
Pragma: no-cache
Authorization: Basic Y2Fsdm8yNjoxc3RldHNvbg==


HTTP/1.0 200 OK
Date: Tue, 14 Feb 2012 06:28:46 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8q DAV/2 PHP/5.2.17 with Suhosin-Patch
Last-Modified: Fri, 20 Jan 2006 07:18:46 GMT
ETag: "213e001-2e3-40ac51780e180"
Accept-Ranges: bytes
Content-Length: 739
Content-Type: text/html
X-Cache: MISS from Court
X-Cache-Lookup: MISS from Court:3128
Via: 1.0 Court (squid/3.0.STABLE25)
Connection: close


I have a total of 15 hits using 800 proxies and combolist in about 45mins I think. Unfortunately, none of the hits were working. Could somebody guide me what am I doing wrong here?

[SYNTOX]

Without seeing the full reply I can't say for certain but here are a few tips for you.

Look at the full html response from the website, you may find that the website is blocking your proxies and returning a 200 okay response, generally you can find a proxy block keyword on the website ex: "your ip address has been blocked due to excessive login attempts".

The proxy itself could be blocking connections to that website, a lot of proxies will block adult websites. Again if you look at the html response you should be able to figure out if you are being blocked.

A good idea when testing proxies is to use the "test against site" option and defining the site your cracking and only use proxies that are anonymous and return a good reply under site.

This will greatly clean up your amount of fake results.

[taebog]

SYNTOX, on 14 February 2012 - 09:45 AM, said:

Without seeing the full reply I can't say for certain but here are a few tips for you.

Look at the full html response from the website, you may find that the website is blocking your proxies and returning a 200 okay response, generally you can find a proxy block keyword on the website ex: "your ip address has been blocked due to excessive login attempts".

The proxy itself could be blocking connections to that website, a lot of proxies will block adult websites. Again if you look at the html response you should be able to figure out if you are being blocked.

A good idea when testing proxies is to use the "test against site" option and defining the site your cracking and only use proxies that are anonymous and return a good reply under site.

This will greatly clean up your amount of fake results.

Thank you for the tips. Question: How do you define the site keyword in Charon? Ok I add the website filthybritain.com/members then for keywords something like this <title>Welcome to members area</title> or <title>Filthy Britain members area</title>? How do I find this out?

So this means that I am using bad proxies afterall. In charon, filter the good and anononymous proxies only, right? What about the quality of my combolist?

[SYNTOX]

You do not need to test proxies against the members area of the website, just the website itself since www.filthybritain.com/members is the same site as www.filthybritain.com so if a proxy is blocking www.filthybritain.com it would also be blocking www.filthybritain.com/members

1) Click site options in charon:
2) Check test against site, only check with anonymous proxies
3) Enter your site: www.filthybritain.com
4) Enter a keyword: <title>Filthy Britain - British amateur porn at its best!</title>
5) Click Add Site
6) Close

How ever to get a success key from the members area to use for future cracking, crack the site and look at your fake responses, when you see one with a successful login, take a success key from that page, I generally use the title tag or some kind of message welcoming you to the members area.

[taebog]

Thanks. I followed this and i'm still getting a lot of blocked proxy hits and no working hit. I'll try it to another website and see if I have luck

SYNTOX, on 14 February 2012 - 03:56 PM, said:

You do not need to test proxies against the members area of the website, just the website itself since www.filthybritain.com/members is the same site as www.filthybritain.com so if a proxy is blocking www.filthybritain.com it would also be blocking www.filthybritain.com/members

1) Click site options in charon:
2) Check test against site, only check with anonymous proxies
3) Enter your site: www.filthybritain.com
4) Enter a keyword: <title>Filthy Britain - British amateur porn at its best!</title>
5) Click Add Site
6) Close

How ever to get a success key from the members area to use for future cracking, crack the site and look at your fake responses, when you see one with a successful login, take a success key from that page, I generally use the title tag or some kind of message welcoming you to the members area.

[SYNTOX]

The website is probably blocking proxies as you crack, did you find and add a proxy block keyword to sentry?

A lower number of bots will also help prevent proxy blocking as it will allow for more time to pass before a bot uses the same ip address again to login.

If you are still getting fakes, there is obviously something you need to fix/add with your keywords.