Chapter 1.03 Cracking & Dorking Ebook Chapter 1.03 Released by Don
Chapter 1.03 Cracking & Dorking Ebook Chapter 1.03 Released by Don
Chapter 1.03 Cracking & Dorking Ebook Chapter 1.03 Released by Don
As you can see the messages from instagram, now click on each email received from instagram
and click on show details to get the keyword search as on the screen bellow .
now you will get some informations like on the screen bellow
Copy to : Everyone Ebook By DonXirus
So what Next ? now we will do the same on every received email from our target in my case
« Instagram » my result is this :
1- [email protected]
2- mail.instagram.com
3- [email protected]
So maybe there is more keyowrds like this, the point is to get as much keywords search as you can,
Now the question is why are we doing this ?
So this method is good for people who aren’t able to get private combos, or for people who want to
use the publix combos, i did apply this method on world of tanks ( Wargaming) and instagram
accounts, and i get a good result ( private accounts).
Now the method is to use those keyowrds on some keyword search checkers like AIO accounts
checker, Woxy Checker, and other tools.
Everyone will said ohh we all knew how to use those tools, and this method is public, So if you are
smart enough, you will find that everyone has been used the same keyword search, not like our
method, for example i want to crack League of legends accounts, i will find in AIO accounts checker
just one keyword search ([email protected]) like this one on the screen bellow
Copy to : Everyone Ebook By DonXirus
1- Means i did get the accounts that everyone has been get like me using the public keyword
search @instagram.com, and i did get another accounts on the same public combo list with
the new keywords, [email protected] and [email protected].
Copy to : Everyone Ebook By DonXirus
Now you started understand what i’m talking about, and if not i will continue explaining this. Ok so its
easy not that hard, The Answer is just that some emails not content the keyword search
@instagram.com in the received email, that’s mean AIO checker can’t find this keyword on the
emails, then it will just passe the search for the next accounts on the combo list, but if you do add
some new keywords search, so AIO will check every email and look for those keyowrds inside the
emails. Then the result will be like this, 13 accounts for the keyword search @instagram.com, 18
accounts on the combo list using the keyword search [email protected], 25 accounts
on the combo list using the keyword search [email protected], and like that you can
find more new private accounts on the public shity combo list.
So this method can work for everything, any target, and i use this method to crack bitcoin accounts,
Gaming accounts, Streaming accounts , and more ... as you did see, the result was different while
using more new keywords search than using the famous public keyword that everyone has been
used before.
Copy to : Everyone Ebook By DonXirus
2 New Google Dorking Methods
1- Twin Dorks
This method is is good, when we are trying to get many things for the same target, like
searching Shopping Urls related to to amazon and ebay at the same time,or for gaming like
fortnite and Pubg, so those targets must be the same interest. Lets take the first example, and
work on it, to make Twin Dorks...
So first of all i need to know that twin dorks are not like other dorks methods, cause i need to
be more specific, about keywords and parameters. I need to make some good keywords but i
will be in need of 2 functions, So our Dork Will be like that :
This method will help you to get related urls to different targets, means if you are trying to make
shopping dorks, you will be able to make dorks for ebay and amazon in the same Dorks list, no need
to make separated Dorks. Using the & Option, Now you understad how this method works, what
you need now, is to think about some good combinations, i did add some for you, but there is
too many ways on how to use this method, so surprise me and show me your good skills, by
going so fare in this, its an easy method, no need to explaine more, as you are now the good
dorkers team in nulled, you did understand the first Ebook, and it’s the Base of Dorks Making,
Copy to : Everyone Ebook By DonXirus
so every new method, will be easy for you to understand it, and get the secret behind it at the
first look ...
Now Lets see how to use Dorky Dorker to create this type of dorks.
First we need to choose our target in my case i will use shopping websites, amazon & ebay, then i
will make some common keywords for shopping
Then i will use those Keywords as parameters and not in keywords part, our keywords are just 2
Amazon & ebay.
Second Lets make some Page types If i’m using Sib panel to dump and scan urls so my page types
must be only
Cause Sib Panel support only urls content .php? .asp? and .aspx? if we are using other tools like
sqli dumper so we can use the normal page types we are using all the time.
Third we will chooose the best combinations for our Twin Dorks like i mentioned up,
But we will replace later the X word with Ebay cause i didn’t find a way to combine two words in dorky,
i usualy make things complicated xD but maybe you know how, anyway just follow me and we will
make it, what you need to understand is that we will use ebay as Xword and amazon as original
keyword, so i need to do this :
keyword preset
Fourth, as we can see i did use domains in the first combinationso i need t choose wich countries am i looking
for, in my case i will use :
Domains : De Fr It Us Pl
Done, so now we have everything we need, the next step is just to copy and paste in the presets on dorky
dorker like on the screen bellow :
Copy to : Everyone Ebook By DonXirus
Then open Dorky and generate your dorks to get a list like this
First Generated list
So now we will just replace the x"Amazon" with
Fially i want to tell you that this method ; isn’t just for making twin dorks, but for getting vulnerable
Urls too, cause you should know that after many researchs about vulnerabilities i found that every
vulnerable Urls content the two symboles « ? » , « & » cause they are used exactly for data transfer
means exchange informations betwen users and the server, and thats exactly our Goal, users
informations or called « email ; pass » , « user : pass » = Combolist.
Copy to : Everyone Ebook By DonXirus
2- google search query
This method is about Getting tons of shit informations from google, and it’s good if you are a good
Spamer, Getting real good accounts as target, i will take as example Instagram, so everyone knows
that instagram is the famous money making service in 2019, which can get you a stable work, i will
not teach you how to spam or crack instagram accounts, but i will show you how to get a filtered
information, about what you are trying to get from google exactly, i did saw many people using this
method, but not in the right way, mean’s bad dorks method, so lets start :
Lets say, i want from google to search for me, every user who has 300k+ followers, verifed account,
what else ? registred with hotmail email, what niche food or clothing, lets try just this and see what is
the usefule dork to get all this !! follow me :
so as you can see i did get exactly what i want from google search, so now lets check the first target
and see if it’s what we did search about exactly ?!!
Copy to : Everyone Ebook By DonXirus
it’s exactly what i want to get, so now it’s time to get tons of accounts and start spaming, or what ever
you want, but what you need to know exactly about this method, is that we can use it not just for
instagram or spaming ways, but for other things that we need, i can’t tell you what, but there is more
good things behind this method, so be creative and smart, then see what you can make or get using
this great method, Good Luck
Copy to : Everyone Ebook By DonXirus
As you can see from the screenshot, the folder C:\WINDOWS\system32 is changed to
C:\Users\Alex\Downloads\hashcat-4.1.0.
Now to start the program it is enough to type the name of the executable file indicating the
current folder. The current folder is indicated by a period (.), Then you need to put a
backslash, it looks like this:
Copy to : Everyone Ebook By DonXirus
1 .\hashcat64.exe
Since we did not enter any options, nothing happens, only a brief hint is displayed.
Throughout the instruction, we will run the executable hashcat file with options. The simplest
option is -h, if you write it, you will get a reference for using the program:
1 .\hashcat64.exe -h
Download hashcat
Download hashcat from the official site by the link: https://hashcat.net/hashcat/
You will see:
The site has hashcat binaries and hashcat sources. The first is binary (executable) files, the
second is the source code. We need binaries, i.e. hashcat binaries.
How to install hashcat
Hashcat does not require installation, since it is a portable program. It is enough to unpack
the downloaded archive. If you have problems with unpacking the .7z format, then use the
program 7-Zip(archiver with a high compression ratio).
To run hashcat, it is necessary that the latest drivers for video cards are installed.
Drivers for hashcat
The following drivers are required for video cards:
AMD GPUs on Windows require "AMD Radeon Software Crimson Edition" (15.12 or later)
Intel CPUs require "OpenCL Runtime for Intel Core and Intel Xeon Processors" (16.1.1 or later)
Intel GPUs on Windows require "OpenCL Driver for Intel Iris and Intel HD Graphics"
Copy to : Everyone Ebook By DonXirus
NVIDIA GPUs require "NVIDIA Driver" (367.x or later)
Most likely, drivers for AMD and NVIDIA graphics cards in Windows are already installed, or
you know how to do it.
Therefore, I will only talk about OpenCL Runtime and the OpenCL driver installation.
OpenCL Runtime includes driver the Windows driver, so you only need to download one file
with OpenCL Runtime for Intel Coree, Intel Xeon Processors for Windows, for example, the
latest version is now: ‘OpenCL ™ Runtime 16.1.2 for Intel® Core ™ and Intel® Xeon®
Processors for Windows (64-bit & 32-bit)’.
The latest version of this package can be found on the official Intel
website: https://software.intel.com/en-us/articles/opencl-drivers#latest_CPU_runtime
Hashcat options
Working with programs in the command-line interface is very different from working in the
graphical user interface. In the GUI, we press different buttons, move switches, etc. This is
not the case with programs with a command-line interface. But at the same time the
command line utility can have even greater capabilities than a similar program with a window
interface. In order to control the functionality of console utilities, options are used.
In the output of the help you probably noticed a lot of information. This information is mostly
devoted to the options.
Options are specified after the file name separated by a space. Some options require
specifying a certain value. Some are used without values (such options are also called
‘flags’).
Options can be used one at a time or several at a time. With the help of options you can very
accurately configure the program, use it at maximum capacity.
With one option we have already metб it is the -h option, which displays program help, then
we'll get acquainted with even more options and their possible values.
The next one is the -b option.
Running the hashcat benchmark
The -b option starts the hashcat benchmark. This benchmark measures the speed at which
passwords are checked.
Running the benchmark will be successful only if the drivers are installed correctly and
everything is all right. Therefore, a benchmark is also a way to do a system and hashcat
check.
To run the brute-force speed check on the most popular algorithms on the command line
type:
1 .\hashcat64.exe -b
Copy to : Everyone Ebook By DonXirus
To stop prematurely, press CTRL+c. This shortcut stops all command-line utilities
immediately. Remember this combination!
Speed is displayed for each device separately, as well as for all devices combined
(line Speed.Dev.#*).
Example:
Copy to : Everyone Ebook By DonXirus
.
2- Hashmode: 2500 - WPA/WPA2 (Iterations: 4096)
3- Speed.Dev.#1.....: 5591 H/s (46.19ms) @ Accel:512 Loops:256 Thr:1 Vec:4
4- Speed.Dev.#2.....: 22374 H/s (69.23ms) @ Accel:128 Loops:32 Thr:256 Vec:1
5- Speed.Dev.#3.....: 171 H/s (1205.03ms) @ Accel:1024 Loops:128 Thr:1 Vec:4
6- Speed.Dev.#*.....: 28136 H/s
Which device exactly corresponds a number is written at the very beginning when the
program is launched, for example:
OpenCL Platform #1: Intel(R) Corporation
========================================
1 * Device #1: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz, 4085/16342 MB allocatable, 8MCU
. ================================================
4 * Device #3: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz, 4085/16342 MB allocatable, 8MCU
2 You can use --force to override, but do not report related errors.
The error says that it is not the native runtime environment of OpenCL that is used, and a
significant speed loss is expected. For this reason, OpenCL devices will be skipped (in the
screenshot below it is visible by the word ‘skipped’). If we want to use them anyway, we need
1- 1 | CPU
2- 2 | GPU
3- 3 | FPGA, DSP, Co-Processor
Pay attention to a very important point: an uppercase letter is used for the option. Options are
case sensitive. An uppercase letter may have another, even completely different meaning
than lowercase letter.
So, 1 is the central processor, and 2 is the graphics processor, then the full command, along
with the selection of all devices available for me, will look like this:
1 .\hashcat64.exe -b --force -D 1,2
The folder with Hashcat-hashcat-4.1.0 is highlighted. Note that you do not need to rename
the directory with a hashcat.
Double-click the HashcatGUI.exe file to start the program. Look at the Hashcat GUI:
Opposite the found hash, look at the column ‘#’, i.e. number. In this case, this number is ‘0’.
So, to the Hashcat launch command, you need to add -m 0, it is the option and its value.
If we were given a SHA1 hash, then its number would be 100 and to the Hashcat launch
command we would add -m 100 and similarly for any other algorithm.
Typically, a hash type is known from the source where this hash was obtained. In case the
type of attacked hash is not known reliably, you can try to guess it with the help of specialized
tools.
To crack our hash, create a small dictionary: an ordinary text file named dictionary.txt and
copy into it:
Expand
Copy to : Everyone Ebook By DonXirus
Note: By the way, with Hashcat comes with an example of a dictionary, it's
called example.dict.
So, at this stage we have everything you need to launch an dictionary attack. We collect
everything together:
1 .\hashcat64.exe -m 0 -a 0 53ab0dff8ecc7d5a18b4416d00568f02 dictionary.txt
Here:
.\hashcat64.exe is a executable file
-m 0 is an option that sets the MD5 hash type
-a 0 is an option, which value triggers a dictionary attack
53ab0dff8ecc7d5a18b4416d00568f02 is a hash to be cracked
dictionary.txt is a path to the dictionary file.
Since the dictionary is very small, the program will finish its work very quickly:
The command contains the same options as the previous one, but instead of directly hash,
we specified the path to the file containing the hash to crack.
Note: since for educational purposes we crack the same hash in different ways, in case you
repeat the examples, you will see the message:
1 INFO: All hashes found in potfile! Use --show to display them.
It means that the hash that you are trying to crack has already been cracked before. All
compromised hashes are stored in the hashcat.potfile file in the same directory as Hashcat.
This is a plain text file, you can open it and see the contents, in my case it's:
1 53ab0dff8ecc7d5a18b4416d00568f02:hackware
This file can be deleted to start attack anew on the same hash in different ways.
There is also the option --show, after which you need to specify the hash of interest:
1 .\hashcat64.exe --show 53ab0dff8ecc7d5a18b4416d00568f02
and if it is found in the hashcat.potfile file, then information about the cracked password will
be displayed.
3 l | abcdefghijklmnopqrstuvwxyz
4 u | ABCDEFGHIJKLMNOPQRSTUVWXYZ
5 d | 0123456789
6 h | 0123456789abcdef
7 H | 0123456789ABCDEF
8 s | !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
9 a | ?l?u?d?s
b | 0x00 - 0xff
10
The first column denotes a symbolic symbol set. For use in masks, a question mark must be
placed before this designation. For example, ?u means all uppercase letters, ?d means all
digits.
Suppose we know that the password consists of four characters, the first two characters are
uppercase letters, and the third and fourth characters are digits, then the mask will be as
follows:
1 ?l?l?h?h
To crack the password from our hash given as an example, we need to create a mask
consisting of eight characters, each of which is a small letter. This is the mask: ?l?l?l?l?l?l?l?l
1 .\hashcat64.exe -m 0 -a 3 53ab0dff8ecc7d5a18b4416d00568f02 ?l?l?l?l?l?l?l?l
Here:
.\hashcat64.exe is an executable file
-m 0 is an option that sets the MD5 hash type
-a 3 is an option, which value triggers the mask attack
53ab0dff8ecc7d5a18b4416d00568f02 is a hash to be cracked
Copy to : Everyone Ebook By DonXirus
?l?l?l?l?l?l?l?l is a mask that specifies the generation of eight-character passwords consisting of small
letters.
That is, 15724838912 variants of passwords from 208827064576 of the total number of
variants were tested.
The -i option is optional. If it is used, it means that the length of candidates for passwords
should not be fixed, it should increase by the number of characters.
The --increment-min option is also optional. It determines the minimum length of candidates
for passwords. If the -i option is used, the --increment-min value is 1 by default.
And the --increment-max option is optional. It determines the maximum length of candidates
for passwords. If the -i option is specified, but the --increment-max option is omitted, then its
default value is the mask length.
Rules for using mask increment options:
Copy to : Everyone Ebook By DonXirus
Before using --increment-min and --increment-max, you must specify the -i option
the value of the --increment-min option can be less than or equal to the value of the --increment-
maxoption, but can not exceed it
the length of the mask can be larger in the number of characters or equal to the number of characters
specified by the --increment-max option, but the mask length can not be less than the character length set
by --increment-max.
So, we will correct the launch command for our task (the password has a length of six to ten
characters):
.\hashcat64.exe -m 0 -a 3 -i --increment-min=6 --increment-max=10
1
53ab0dff8ecc7d5a18b4416d00568f02 ?l?l?l?l?l?l?l?l?l?l
This command is similar to the previous one, but three new options have been added
(explained just above):
-i
--increment-min=6
--increment-max=10
And also the mask length is increased to 10 characters: ?l?l?l?l?l?l?l?l?l?l (as required by
the rules for using increment options).
It took a bit more time to complete the search, as candidates in passwords of 6 (+1 seconds
on my gland) and 7 symbols (+22 seconds) were tested in addition:
Copy to : Everyone Ebook By DonXirus
It means that all the password candidates was tested, but none proved true.
Copy to : Everyone Ebook By DonXirus
Known symbols can be placed anywhere in the mask: in the beginning, in the middle, in the
end; these can be single characters or groups of characters.
The second user-defined character set (letters from a to h, as well as numbers from 5 to 9)
1 -2 abcdefgh56789
Let me remind you - custom character sets are written among the options (before the mask
and before the hash).
Now create a mask (the first three characters in the password are numbers, not all, but only
the numbers from 0 to 4, the fourth character is only uppercase letters, and the fifth and sixth
characters are the letters from a to h, as well as the numbers from 5 to 9):
1 ?1?1?1?u?2?2
Copy to : Everyone Ebook By DonXirus
We will disassemble the mask:- the first three characters are designated as ?1?1?1 (these
are units, and not a lowercase letter L, they are digits ‘1’) are symbols from the first user set.
Next goes ?u, this is a built-in character set, denoting only capital letters. The next two
characters are designated as ?2?2, these are symbols from the second user set.
When specifying custom sets, you can use the notation of built-in character sets, for example:
1 -1 ?l?u
denotes the first user set consisting only of large and small Latin letters.
And
1 -1 ?l?u?d
means the first user set consisting only of large and small Latin letters, as well as numbers.
As already shown above, you can use custom and built-in character sets in any combination
in the mask.
Since many passwords will be created (more than half a million), instead of displaying on the
screen, they can be saved to a file. To do this, after the main command, you need to put the
symbol > (means redirecting the output to a file) and write the file name. For example, to save
all passwords to the lab1.dicfile, which will be created in the same folder as the executable
hashcat64.exe:
1 .\hashcat64.exe --stdout -a 3 -1 01234 -2 abcdefgh56789 ?1?1?1?u?2?2 > lab1.dic
Samples of hashes
The Hashcat program includes not only help, but also hash examples. They can be useful if
you have difficulty in correctly writing the hash format.
To display all examples of hashes at once, run the program with the option --example-
hashes:
1 .\hashcat64.exe --example-hashes
You can see a sample of one particular hash. For example, I need to find out what a hash
looks like to crack the RAR5 password; then I turn to the help page of the
program https://en.kali.tools/?p=1558 and search for RAR5 (use CTRL+f). I find that the
Copy to : Everyone Ebook By DonXirus
number of this hash is 13000; Next, I run the program with the option --example-hashes and
the already-known option -m (after which the hash mode number is specified)
1 .\hashcat64.exe --example-hashes -m 13000
So, to crack passwords from RAR5 archives, the hash should look like:
1 $rar5$16$38466361001011015181344360681307$15$00000000000000000000000000000000$8$cc7a30