sodusme

Hmm I'm still learning and tried to look at this and make it work but its confusing me 'cause I can't find any instance of the vcode in the POST data to parse. I can however find this URL: http://911.re/getcode?t=1559995019043 which MIGHT be helpful if you can somehow parse the equation from that? I don't know how to do it however. I'm just trying to spur some conversation on this so I can learn also.

I would recommend running any unknown program in Sandboxie.

IKR LOL this thing has been around for at least 15 years that I know of. When I first started cracking back then I learned how to use this tool its actually VERY powerful dude. You can do SO much with it: keep combos with certain characters, remove combos with certain characters, remove duplicates, add to the end of or front of combos, separate combos, join combos, replace characters. If you have any questions on using it PM me and I'm sure I can answer it. ;)

What specifically are you having problems with? Watch these 2 videos: https://www.youtube.com/watch?v=r3l7Twopx5E https://www.youtube.com/watch?v=-dfjf-QNMjc Top one is on making "simple" configs and the bottom one is on making "complex" configs including those with tokens and capture. I have succeeded in possibly making one with ReCaptcha but I'm not sure it works properly as I haven't gotten any hits. I simply viewed the other configs I had with OpenBullet and applied what I saw to that config.

https://mega.nz/#!LC4XwITZ!dk8RbNh_ot5FGySnJD7unIOV71OhNZDi4GFlcLl4GP0 Most times a malicious threat on Slayer's programs are false positives. He says when he codes the programs he "wraps" it in another program that keeps it from being reverse engineered and that is what gets triggered from the A/V as malicious. Here is his Facebook: https://www.facebook.com/XSLAYER404/posts/slayer-leecher-v06-new-update-soooon-stay-tunned-httpswwwyoutubecomchannelucnhho/1881218702180525/

I'd check your success wording 'cause that says its not a valid hit?

Raptor 3 will do this. You can create a "rule" to "keep" a combo if it has "any" instance of a number or a capital letter in the password. You can also add to the end OR front of your password with this tool. http://presacunchrys.rf.gd/raptor_3_wordlist_tool_download.pdf

Use Slayer Leecher V0.6 or Smart Pastebin Leecher V 0.1 and set the time frame to a week or a month so that you get "fresh" combos. Use Fortnite as a "keyword" and you will get fresh email:password combos. P.S. Please don't key log me ;)

Yes that gets into "rate limiting". All sites have a limit on the amount of traffic they can process per minute that meaning client (you) to server (the website). If you go all out on a site and run hundreds or thousands of bots you run the risk of over loading the site. When you over load the site you can effectively DOS the site so its of no use to anyone including legitimate users and us crackers. Not to mention that traffic does get noticed and the site may increase security to prevent it in the future. I have seen many sites increase security because someone released a proxyless config and people ran it all out and ran hundreds of bots on the site and the site eventually went to stronger security. Faster isn't always better when cracking. ;)

Lets check this out....

Yes the combos per minute can depend on the config. Its my knowledge that sometimes there are "back door" URL's to sites. Some of which might be an API (Application Programming Interface) which most websites will keep private. I've noticed that lots of API's do not require a proxy at all OR are very lenient in their rate limiting (monitoring how many proxies or I.P's can connect and where those are from geographically). So yes most times unless you stumble across an alternate URL or know of an API login for a website you will be attacking the same URL that every other cracker is focusing on.

Thanks for the share.

So here's how that works: Free proxies are proxies that are widely available on the internet and most any cracker/hacker is using them. Most sites will have some type of ban or limit in place on what and/or how many proxies (I.P.'s for all intents and purposes) can be used on their site. Take for instance an I.P. of: 123.123.123.123:80 that is being used by hundreds if not thousands of cracker/hackers and its already been used on say Netflix hundreds of times, so many times that Netflix has "banned" the proxy. When you go to use that proxy on Netflix you are using a proxy (I.P. because in most instances if you're using a Level 1 or High Anonymity proxy it can't actually be detected that it is a proxy in the first place) that has already been seen logging into thousands of accounts or attempting to and Netflix sees this activity and bans it very quickly. Now enter your friend: He uses a premium proxy that is NOT widely available on the internet of 246.246.246.246:8080 and Netflix has not seen this proxy and because its a Level 1 or High Anonymity proxy it doesn't get detected that its even a proxy and does not get banned. So to conclude YES your friend will get more hits AND process more combos per minute because the sites are not recognizing his proxies as already having been used (and banned) on their sites. Make sense? ;)

Lets try this one out since my other one doesn't work.

Thanks man I like the way you think LOL

I don't think there is a ban key and any proxy errors appear to be handled by a retry automatically. SO what do you do if you don't know the success phrase? Where do those responses go? I might have mistakenly referred to them as "hits" assuming I have covered all failure keys so lets say "responses" instead? SO if my failure key is set to: Sorry, unrecognized username or password and I get a response that does not match that (and it happens to be a hit to the members page) will that response then go to the "to check" tab?

I assume you are creating this config in Sentry MBA? You have to use Fiddler or Charlies Proxy to bypass the SSL connection error when analyzing the login page. I have no experience with Fiddler or Charlies Proxy but there are YouTube videos on how to bypass that SSL error. You can also create a config in OpenBullet.

I have not used it BUT I believe that X Slayer has come out with an email access checker I THINK it might be posted on his Facebook page (you can search him on FB)? I would avoid any of the obvious depending on where you live? If you are in the U.S. I would avoid any .gov, military or law enforcement although it would be fun to gain access to those LOL.

So I'm trying my hand at making come configs in OpenBullet which I will share if I get them working. I have a question though: If I don't know the success phrase will all "hits" that don't match the failure phrase go to the "to check" tab? Do I need to make a success "key chain" within the "key check" block? Or is it best to leave it alone without knowing the success phrase? In other words if I make a success key chain in the key check block do I have to fill it out when I make it? Does the program expect it to be filled out because I have made a key chain (or will all "hits" still go to the "to check" tab)? Thanks for any help....

Are you talking an email combo? or a user/pass combo? If its en email combo use Slayer Leecher V0.6 or Smart Pastebin Leecher V0.1. If its a regular user/pass combo I still struggle myself with making those I had a really good porn password site scraper but the sites have changed their technique for posting so it no longer works. I would suggest u sing Slayer Leecher or Smart Pastebin Leecher for user/pass combos as well unless somebody has a better program?

Lets see if this is still working.

Lets try this out.

106 HBO NOW accounts. Leave a like if you wanna enjoy the content. [hide]https://pastr.io/view/lfTIbs[/hide]

Lets see if this works....

Lets give this a try.