-------------------------------------------------------------------------------- Submitted By snake_bite here you go !! Ok lets start with Where do I get the proggie. http://sentinel.deny.de/ Now unzip it. Right click the Sentry icon and create a shortcut and send it to your desktop. Open Sentry. You are at the MAIN screen. These settings from now on are the settings I like to use. GENERAL SETTINGS BOTS=20 Bots TIMEOUT IN 15 SECONDS USE GET INSTEAD OF HEAD....check mark in box WRITE DEBUG INFORMATION ON HITS....check mark in box SNAP SHOTS....Due to the size of the wordlists I use I do not use this feature. It will save all the settings you have set for the site you are testing except proxies and wordlists. If you tick the box Sentry will take a snap shot of your settings and the next time you load the site it will ask you if you want to load the snap shot. If you want to make changes to the settings anser NO and change the settings and Sentry will take another snap shot for the next time you load the site. SIMULTANEOUS I do not use this feature. It is used for running more then one site at the same time. WORDLISTS Click on the YELLOW FOLDER ICON and find the wordlist you want to use. I like wordlists of 600. My reason for this is that more and more sites are starting to tighen security and either throw tons of fakes or shut down the login around 600 to 700 attempts in a row. At the bottom is READ WORDLIST FROM DISK. If you tick the box click the YELLOW FOLDER ICON and find the wordlist on your CD. It will only load a certain number of combos at a time and as you progress in your testing it will keep reading from the CD. Manipulation is self explanatery. PROXY BOTS....Proxies are your life line. I like 15 to 20. If you are using a proxy judge you don't want to bog it down and get alot of uncheckable proxies. ANALYZER....Here is where you load the proxy lists from either a file or clipboard. YELLOW FOLDER ICON....Click this to load proxies from a file. BLACK DISKETTE ICON....Click this to save the list to a file. Nice to have if you are running a site that you test the proxies against before you test. Reload the saved list to retest against the next site. Saves time of having to load the orignal file that contains all the proxies that are good and bad again. LITTLE BROOM....Click it to remove BAD,TIMEOUTS,GATEWAYS if you want to(personaly I keep them) and to REMOVE DUPES. CLIPBOARD....Ever goto a site. Open a thread and try to save the page and it is blank. Now just highlite all the proxies then right click the mouse and click COPY. Then click on this icon and the proxies will be imported to the analyzer. Saves alot of work. WAND LIKE ICON....Will ramdomize the proxies. BLUE ARROW....will send the proxies in the analyzer to MT LIST. USE ONLY AFTER TESTING IS COMPLETED. RETRY TIMEOUTS....I only set this to 2. AUTOMICALLY DELETE ALL TIMEOUTS AND BAD PROXIES....I tick this box. Saves time. UPDATE MY LIST AFTER COMPLETION....I tick this box. That way the proxies are sent to MY LIST automically. ANALYZER OPTIONS PROXY JUDGE....You must use a PJ that is version 2.3x or better. PROXY TIMEOUT....I set this to 15 seconds IP....LOOK at the IP that is in the box. Make sure it is yours. If it is not then double click it and change it to yours. This is very important as a PJ tests if the proxy is anon against this IP. USE INTERNAL PROXY JUDGE....I tick this cause I can use it. It is a PJ set in port 80. If you can use it you will get alot more proxies to use. In order to use this you must click START SERVER in the OPTIONS BOX just underneath it. SERVER PORT will say 80 To start the analyzer click the LITTLE YELLOW LIGHTING BOLT not the START ICON. I have found that in version 1.1 that after you run the internal analyzer the first time you have to close the program if you want to run it again. SPECIAL....Here is where you test the proxies against a site. Tick TEST PROXIES AGAINST A SPECIAL SITE. Enter the members url into the box. I tick USE GET REQUEST METHOD. Then click the LITTLE YELLOW LIGHTING BOLT. I also use this option after my first analyzer test. Pick a site that does not bann to many proxies. The reason I do this is some proxies even though anon will not let you use them against porn sites. Gets them out of the way quick. BLACK LIST Here is where you put the proxies that you do not want in MY LIST. When you are testing a site if you click on REDIRECTS you will see proxies that even though anon will report you to the site with your own IP. You will see proxies that go to webabuse and other strange places. These proxies are a waste to have in MY LIST so we place them in the BLACKLIST.Sentry will auto delete them as it transfers the proxies from the ANALYZER to MY LIST. MY LIST....This is the list of proxies you are going to use. This is your life line to testing. DO NOT I repeat DO NOT ever tick DO NOT USE A PROXY. If you tick it you will be using your own proxy to test against a site. USE ONLY ONE PROXY....DO NOT TICK. The one proxy will be banned very fast. Now we see three heading PROXY..PORT..STATUS. If you click one of them the list will be sorted. This is very usefull for finding proxies you want to add to the BLACKLIST. First run a site. After it is finished click PROXY..MY LIST..STATUS. Now the list is sorted by status. PROXY ERROR(connection refused) is one you might see. Well it says proxy error so I say I don't want it then. In this case I want to add it to the BLACKLIST. Put the mouse curser over the proxy and right click it. In version 1.1 look for COPY SELECTED PROXIES TO CLIPBOARD. CLICK IT. Then click BLACKLIST and right click in the BLACK AREA and select ADD. In the popup box right click and select paste. Then click OK. It is now in the BLACK LIST. In version 1.2 look for SEND TO BLACKLIST and click it. It will auto goto the BLACKLIST. NOTE: The BLACKLIST will not show the port so don't worry it is ok. After the proxy is in the BLACKLIST in MYLIST right click the proxy again and select DELETE SELECTED to remove the proxy. In 1.2 or higher the proxy will be auto deleted. Now you also might see something like this CONNECTION ERROR followed by a number. These you don't want to BLACKLIST. They might be good on another day so just click the first one then hold the SHIFT KEY on the keyboard and click the last one. Now all are highlited. RIGHT CLICK and select DELETE SELECTED. They are now gone. DO NOT delete any BAN ON 200 REPLY or CONNECTION REFUSED. These 99% of the time can be used on another site. PROXY OPTIONS PROXY ROTATION....I set this to 20. BAN PROXY....I tick the first three boxes only. This means all the bad proxies and the proxies that got a hit will be non usable for the remanider of the test. But at the same time if your usable proxies go down to 20 all the proxies will REACTIVATE as we set Sentry to do this with PROXY ROTATION. When use start a new test Sentry will auto reactivate all the proxies in MY LIST if you leave the last two boxes unticked. STATISTICS This is straight forward. By looking at it you can see what is happening. HISTORY This will show the hits with the proxy that got it and the date. YELLOW FOLDER ICON....If you want to add sites for checking click here. BLACK DISKETTE....Saves the history to a file. USE DEFAULT FILTER we will see in OPTIONS. YELLOW BROOM....After verifing your history click this to move unwanted sites. CLIPBOARD....Same as adding proxies only this is for adding sites. AZ....There are three options here to sort the history list. The four headings SITE,PROXY USED,STATUS and DATE can also be clicked on to do a sort. HOW TO VERIFY HISTORY You history MUST BE HIGHLITED inorder to verify it. To highlite the whole history click on a site. Then hit the letter a on your keyboard. All will now be highlited. To verify only some of the sites. click on the first site you want to verify then hold down the SHIFT button on your keyboard and click on another site. All the sites inbetween the two will now be highlited. Failure to highlite sites to verify in history will cause a popup telling you no site are selected. On my version I then have to close and reopen Senty before I can attempt to try it again. OPTIONS REQUEST TYPE....Tick USE GET as we will be using failure key words that come from the source code. TIMEOUT....I set mine to 15. Same as the proxy timeout. KEY PHRASES....Tick this. Right click in the white box and add the failure keys. I will supply you with a small list to start with. As you try different sites you will find others to add here. ADVANCED....Tick this box. If the proxy that got the hit is still in MY LIST Sentry will try it against the site. Nice feature cause some sites ban the u/p if to many different proxies are used for that u/p. Don't worry cause Sentry will pick a proxy from MY LIST if the hit proxy is not available. SAVE FILTER....This is the format for the SAVE in history. The one provided it the best option to use. REPLY....You can view this while history is being checked. Click the LITTLE YELLOW LIGHTING BOLT to begin. DO NOT click the START icon. MANGER Show you what sites you have run and what wordlists you have run. FAKE RECIEVED SOURCE KEY PHRASES DEFINE FAILURE KEY PHRASES....Tick this. Remember we set everything to use GET. All failure keys are in the source code and GET must be used to retrieve them. Now in the white box right click it and add the failure keys I will supply at the end of the lesson. DEFINE SUCCESS KEY PHRASES....90% of the time failure key phrases will do the job. So for now leave this blank. STANDARD CHECK HITS....Because we are using failure key phrases we don't care what is in there. If Sentry does not find a failure keyword on the first try the combo is deemed a hit. CHECK USING SAME PROXY....DO NOT tick. CONSTRAIN HITS....This is for stopping Sentry after x number of hits. We only allow 10 passes per site so tick it and in ABORT TEST WHEN HITS EQUAL set it to 10 or less for getting passes to post right away. Untick it if you are just collecting passes to reverify for later. CONTENT-LENGTH....I don't use this feature so I leave it blank. SETTINGS USE SOUNDS....Tick it and hear the sound when you get a hit or Sentry stops a test. Want to hear something different. You can change the setting in the next two lines. RETRIES....I tick this and set it to 3. If you are getting to many 404 or 503 when viewing replies in progression screen either lower your bots or change this to a higher number. MISC For now I will skip this section. PROGRESSION BOTS....I set to 20 to 30 REPLIES....You can view what is happening here HITS....This is where the hits will show. Double clicking on a hit here will take you to the site. REDIRECTS....Here you can seere directs that might be hits or proxies that you want to blacklist. FAKES....When using failure keys you will see nothing. click fake and check mark ENABLE AFTER FINGERPRINTING when using success keys for a site also enable snapshot this will cause the setting to be saved and the next time u try the site answer yes to use success keys