hungerforce 


First of all you need Form@ wich is a "form based login" cracker.

Download it here: >>>>>>>>>>> http://sss.deny.de


Step 1 (Proxy list).

Start Form@ and chose "Settings -> Proxy Manager".

Choose "Multiple Proxies"[/color] and click on the "Load Proxies" button.

When the list that you have choosen is loaded click the "Done" button.

Remember that every time you start Form@ the proxy settings will be "Single Proxy".

So every time you start Form@ after the first time you have to clear all the proxies by clicking on

the "Clear all" button. Choose "Multiple Proxies" and click "Done". If you don't do that you want be able to crack.

The Anonymity tester in Form@ is no good so you need to test the proxies before you load them into Form@


Step2 (WordLists).

Click on "File -> Load Worldlist" and choose the list that you want to use.


Step3 (Form Data).

Lets say that you want to crack http://www.teenamateurpages.com. First you have to find the member URL and paste it into "URL" in Form@. (http://members.teenamateurpages.com/members/)

Click on "Start" and an Form Analysis window will pop up. Thats the great thing about Form@. It is analysing the form by itselfe. If you cant get any response you have to click on the "Switch Proxies" button to send the request with a different proxie IP address.

If you have done all the things right so far you will get this data:



Form Action: index.html

Form Method: POST

UserName Firlds: CF_Sentry_Username

Password Fields: CF_Sentry_Password



Click on "Use This Data" button.


Step4 (Failure Keywords).

After you have clicked the "Use This Data" button, a "Hit Detection Settings" window will pop up. This is where you have to enter the failure keywords that appears on the site when you have the wrong username and password. To find the failure keywords you have to go to the member URL and write a username and password into the form (doesnt matter how the U & P is) and click on the "Login" button. As you can see the words "Access Denied: Username and password could not be verified. Please try again..." appears. Write in "Access Denied" into the "Failure Keywords" and click on the "Test" button to check if Form@ understand the keywords. If you got the right failure keyywords you will se "Failure keys detected on 1 attempts". If not it will say "Failure keys detected on 0 attempts" and you have to write som other words that you think is right.

When you got it all right click on the "Launch Attack" button and just wait for the passwords!!



That's it. Enjoy!!!