|
|
Copyright Michael Cowan 2002
All Rights Reserved
|
|
|
Leeching |
Leeching is when you scan a buffer for a particular arrangement of characters. For example an IP address, or username:password, both of which are very handy. The following steps show you how to leech IP adresses using the default.so plugin:
1. In the Plugins tab on the Sidebar, select the plugin you want to use (default.so) beside Leeching
2. Change the plugin argument (if required) to include 'leech=ip' (without the ')
3. Select Leech in the main window, and click the open file icon for Proxy Leech Target.
4. Find the file you want to leech from and click Open.
5. Click the Play button.
|
|
Proxy Testing |
When you have a list of proxys, it is always wise to test them. This testing allows you to remove dead/slow proxys. Also they can be tested for anoniminity. By doing this once and saving a good list, saves time when using the proxys later. This is how to test http proxys using the default.so plugin:
1. In the Plugins tab on the Sidebar, select the plugin you want to use (default.so) beside Proxy Testing
2. Change the plugin argument (if required) to include the location of a server running the Proxy Judge perl script. By default this is set to 'http://grip-webwalker.sourceforge.net/cgi-bin/proxyjudge.pl'
3. Select Proxy Testing in the main window, and click the open file icon for Proxy List File.
4. Find the file containing your proxy list and click Open.
5. Click the Play button.
|
|
Cracking |
Cracking is when you try a list of usernames and passwords (in the form user:pass) to break into a target server. To do this you need to have a target in mind and a list of user:pass's. Optionally you can also use a proxy list. Using a proxy list allows you to carry out this task through other machines and, assuming the proxys have been tested properly, anonymously. It is however almost always slower. Attempts are made until either there are no more user:pass's to try, all the proxys are considered dead or the target goes down. Unless you own the target or have recieved permission, carrying out this procedure is almost always illegal. To crack a webserver using default.so, use the following steps:
1. In the Plugins tab on the Sidebar, select the plugin you want to use (default.so) beside Cracking
2. Change the plugin argument (if required). default.so does not require an argument for this function
3. Select Cracking in the main window, and fill in the target URL. Be sure to start with a protocol eg http://
4. Click the open file icon for Word List Target and find the file containing your user:pass list and click Open
5. (optional) Click Enable Proxy Connection and browse to your proxy list
6. Click the Play button.
|
|
URL Testing |
URL testing is handy after you have created a sucessfully cracked list. This can be used to check the list to see if any of the previous sucessful attempts are now invalid. To do this using defaulst.so:
1. In the Plugins tab on the Sidebar, select the plugin you want to use (default.so) beside URL Testing
2. Change the plugin argument (if required). default.so does not require an argument for this function
3. Select URL Test in the main window, and fill in the target URL. Be sure to start with a protocol eg http://
4. Click the open file icon for Word List Target and click the open file icon for URL List File.
5. Find the file containing your URL list and click Open.
6. Click the Play button.
|
|
| Shortcuts |
Leeching
|
Proxy Testing
|
Cracking
|
URL Testing
|
|
