Skip to main content

How to Hack Passwords :: Password Hacking

There are many ways to search for vulnerable sites with google. I'll show you here how to get username and password from sites that use FrontPage extentions. Microsoft FrontPage Extensions creates a service.pwd file inside the _vti_pvt directory in the HTTP server's document root. This file contains user names and passwords that could be remotely retrieved by an attacker. The good news is that Google indexes this kind of files, so they are very easy to search for. The bad news is that the passwords are encrypted, but wait, this is not really a bad news :-) because you can crack them if you are patient and you have the will. If you want to become a hacker, you have to be patient and you have to have the will. Please note: I'm not telling you to hack sites, this stuff is just for learning. So if you want to do illegal things, you should know that jail is a possibility.




So lets go to the details:



1- Some administrators change the name of service.pwd file to authors.pwd or administrators.pwd or users.pwd or some thing else. So to get the biggest chance to retreive this file we will add an "inurl" condition to our search string in Google like this: inurl:(service
authors
administrators
users)



2- The file extension is "pwd" and we are not interested to get other extensions, so we will add an "ext" condition to the search string in Google like this: ext:pwd



3- The first line in the file service.pwd is "# -FrontPage-". So we will search for this string with Google



And here is the full search string:(you can click it to go to Google result page)

inurl:(service
authors
administrators
users) ext:pwd "# -FrontPage-"



In the Google result page click any link, you should see some thing like this:



# -FrontPage-ekendall:bYld1Sr73NLKolouisa:5zm94d7cdDFiQHere, there are 2 users with their encrypted passwords. The first user is ekendall, his encrypted password is bYld1Sr73NLKo and the second user is louisa, her encrypted password is 5zm94d7cdDFiQ.



After this u can decrypt the password by any password decryptor software.

Comments

Post a Comment

Popular posts from this blog

SEO Optimizing A Website For Improved Value

SEO or search engine optimization is something that every web owner and creator should be aware of. Even if a website owner hires an expert to carry out the online marketing, understanding the very basics and how it really can improve a websites performance and popularity is important. Simply put, optimizing a website is important and is built around keywords that are valuable to a website and to the products or services it is trying to provide. By focusing on main keywords or key phrases for a business, and expanding on them over time, can improve the amount of visitors a website receives, in turn increasing profits or simply improving its popularity if it is an information website. SEO is valuable, and means a way of making a site appear at a higher ranking in search engines such as Google, Yahoo, AOL etc. Using this important type of online marketing can reap great benefits. It takes time to learn and time to complete, and is a constant job to keep a website performing well above co...
Post a Comment
Read more

Email On Deck: A disposable email address that works

Today, Team Inforpioneer brings an interesting Email service for our reader which will definitely help our readers to improve their internet security and will benefit in some other ways.  Here is a short description of this service.  EmailOnDeck.com is the premier site for all things relating to temporary, disposable and throwaway email addresses. We want to help you avoid SPAM, protect your online privacy, and stop you from having to give away your personal email address to every company and person on the internet who insists on you giving it to them. We work hard and will continue to work hard to give you a disposable email address that works with any site or app. We hope to help give you back the control of deciding who you want to give your personal info to. Temporary emails are perfect for any transaction where you want to improve your online privacy. Use them when you buy or sell Bitcoins or trade cryptocurrency, at exchanges, or locally. They can be used for QA tes...
1 comment
Read more

Cheap & Easy To Use VPN Services in China for 2019

Because of copyright issues, many domestic video sites prohibit foreign direct access to foreign IPs. Overseas users want to see these videos from abroad and need to obtain domestic IP with VPNs to bypass these copyright restrictions. Wall mom brings the best solutions for your VPN Services which are not only the best in the area but also have cheap and affordable prices. In this article,  Wall mom  brings some cheap and easy to use over the wall VPN recommendations for their users with the reviews which will surely help those who want a access to the sites which has the copyright restrictions.  They wrote in this articles that Only recommend foreign VPN, do not recommend domestic VPN Dare to operate in the domestic VPN service, the policy risk is particularly large, almost all shut down or run, it is difficult to issue a refund. Before GreenVPN was shut down, a large number of users flocked for a refund, and the refund was still good. Many domestic VPNs...
5 comments
Read more