 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 78
 Members: 0
 Total: 78
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Password Leeching Tool |
|
 Posted: Tue Dec 18, 2007 5:00 pm |
 |
|
| Siddhartha |
| Beginner |
 |
|
| Joined: Dec 18, 2007 |
| Posts: 3 |
|
|
|
 |
|
 |
|
Is there tool for Linux that will capture passwords from websites? I've been looking around as best I can in order to find a tool or any other method in order to do this, but no luck yet. I'm currently using the Ubuntu distro.
BTW, awesome website, I have hours of reading ahead of me. |
|
|
|
|
|
|
|
|
| Posted: Wed Dec 19, 2007 6:16 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
Please explain your wish more clearly! I mean - leech website passwords? Most of the times passwords does not lay for free access. They are hidden in databases and/or config files. So some work and experience is needed to access these "private vaults" and even then in most cases passwords are not in plain text, but cryptographically altered - hashed or encrypted - so that further cracking is needed.
So the bottom line is - there is no "secret weapon", "silver bullet" or "Universal Hacking Program" for fully automated "password harvesting". Still - if you can determine target website's software and if it contains security hole(s) and if you can get working exploit for it, then MAYBE you have password(s) in you possession within seconds or minutes. It all depends on target  |
|
|
|
|
|
re:a better explanation |
|
| Posted: Thu Dec 20, 2007 12:41 am |
|
|
| Siddhartha |
| Beginner |
|
|
| Joined: Dec 18, 2007 |
| Posts: 3 |
|
|
|
|
|
|
|
| I was thinking of harvesting login and passwords from such sites that offer hacked logins for adult websites that display the login and password in the URL format. This way I might be able to create my own wordlists. |
|
|
|
|
|
Re: re:a better explanation |
|
| Posted: Thu Dec 20, 2007 3:27 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| Siddhartha wrote: | | I was thinking of harvesting login and passwords from such sites that offer hacked logins for adult websites that display the login and password in the URL format. This way I might be able to create my own wordlists. |
So you need specfic data mining or crawling tool. You are using linux? So why not write shell script(s) with possible perl code additions to do the work? You can use Google queries as starting point and then parse pages with proper regexes ... |
|
|
|
|
|
re: |
|
| Posted: Mon Dec 24, 2007 11:09 pm |
|
|
| Siddhartha |
| Beginner |
|
|
| Joined: Dec 18, 2007 |
| Posts: 3 |
|
|
|
|
|
|
|
| I am using Linux, although I'm slowly learning programming. If I knew enough about programming, I would create tools for others to use. |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
