I realy like to know the name of the tool used in mr.robot by eliot to brute force social media and email accounts
- Hot
- Active
-
Forum Thread:
How to log in tor
0
Replies
40 min ago -
Forum Thread:
Exploit Completed but No Session Was Created .
5
Replies
16 hrs ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
28
Replies
16 hrs ago -
Forum Thread:
Mikrotik - Part Four [UnderTaker - QoS]by : Mohamed Ahmed.
1
Replies
16 hrs ago -
Forum Thread:
Commercial Mattress Cleaning Services
0
Replies
16 hrs ago -
Forum Thread:
Eml to PST Conversion
5
Replies
18 hrs ago -
Forum Thread:
How to Get Proxychains to Work?
6
Replies
18 hrs ago -
Forum Thread:
I Want to Hack a Facebook Account.
6
Replies
18 hrs ago -
Forum Thread:
Pros and Cons of Parrot
14
Replies
21 hrs ago -
Forum Thread:
How to Hack into a Passkey Protected and Hidden "Ghost" USB Device That Doesn't Mount and Isn't Detected by the PC?
0
Replies
22 hrs ago -
Forum Thread:
On Which Does Kali Linux Run Best: Mac or Microsoft Computers?
0
Replies
22 hrs ago -
WIFI Hacking :
Crack WEP/WPA/WPA2 Password Without Dictionary/Bruteforce NEW METHODE : Fluxion
8
Replies
1 day ago -
Forum Thread:
Merry X-Mas!
2
Replies
1 day ago -
Forum Thread:
How to Hack My College Website ?
24
Replies
1 day ago -
Forum Thread:
How Russians Developed a Genius Way to Hack Slot Machines Casinos Have No Fix For
4
Replies
1 day ago -
Forum Thread:
BlueBorne - Kali Linux Script?
47
Replies
2 days ago -
Forum Thread:
I Can't Crack These NTLM Hashes... Any Help?
3
Replies
2 days ago -
Forum Thread:
How to Fix 'Failed to Detect and Mount CD-ROM' Problem When Installing Kali Linux
10
Replies
2 days ago -
Forum Thread:
Mobile Hotspot Port Forwarding
17
Replies
2 days ago -
Forum Thread:
How to Install Weeman in Termux(Android) And Create a Phishing Page ?
1
Replies
2 days ago
-
How To:
Use MDK3 for Advanced Wi-Fi Jamming
-
How To:
Beginner's Guide to OWASP Juice Shop, Your Practice Hacking Grounds for the 10 Most Common Web App Vulnerabilities
-
How To:
Use Maltego to Monitor Twitter for Disinformation Campaigns
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Hack Wi-Fi & Networks More Easily with Lazy Script
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Hack 200 Online User Accounts in Less Than 2 Hours (From Sites Like Twitter, Reddit & Microsoft)
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Securely Sync Files Between Two Machines Using Syncthing
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
How To:
Hack a Windows 7/8/10 Admin Account Password with Windows Magnifier
-
Hack Like a Pro:
How to Crack Passwords, Part 1 (Principles & Technologies)
-
Hack Like a Pro:
How to Get Facebook Credentials Without Hacking Facebook
-
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
-
How To:
Hack Windows 7 (Become Admin)
24 Responses
There is a script called CUPP (Common Users Password Profiler) that generates custom wordlists based on information you give it, much like the one he uses.
i know scripts to generate passwords but i want the script he use to brute force not to generate passwords ! thnx bro
I'm curious too. Maybe this is where the necessary unrealistic things in Mr. Robot kick in?
-Phoenix750
You can use password lists in Hydra, and maybe even John.
I'm sure with a little reverse engineering a list generator and a cracker could be put together into one tool.
the question is what he used to brute-force the list, not how to generate one.
-Phoenix750
I understand that. I'm simply saying that a tool such as the one he's asking about could be built.
Actually, as far as I am aware, BIG web applications such as facebook, gmail... etc are protected against brute-force attacks. If the security system detects multiple failed login attempts it temporarily blocks the account itself rather than the source IP of the attacks.
So brute-forcing maybe not an easy option unless there was a tweak or something
I think it is a custom script he created he created himself....that accepts the information given and run the bruteforce along side it...
You're right, he used his custom script, and making the custom script means he know how does it work... and that's powerful
The comments in this article should hopefully prove useful.
am not looking for password generator am looking for password cracker
Did you read the comments? They were specifically talking about password crackers.
yep i did & thnx bro
hi ! since many people use their fav team or food or pet etc... its fairly easy to creat custom wordlist with some script and tools such as cupp but how to crack it? well its farily easy again if that website dosent limit you or have bot detection and captcha etc ... you can use hydra plus burp to start cracking it down (some email websites limit you to 100 try or 10 try like yahoo then it blocks you) so you gonna have hard time :P .
yep maybe i can use proxy or something else ! thnx bro !
Cracking passwords of native English speaking countries is much easier than countries where multiple languages are spoken. So regular crackers wont work.
Anything that can be done manually, can be automated by a bot.
To prevent such behaviour, website implement captchas and javascript to invalidate most common tools available to the average public. And haxor write libraries to overcome captchas and similar. This cat-and-mouse is always on favour of attackers, since they are always the most motivated to break a protection, anyhow, everywhere.
This said, to make a login bruteforcer for a specific platform like fb, twitter, instagram, you should make a script that mimics a browser behaviour, starting from the request headers, to accepting cookies, to resolving math javascript calculus just like a normal browser would do. It's tedious, and you will have to fix it from time to time as your target upgrades its protection scheme.
It's very likely that Elliot wrote those scripts on his own, and keeps them updated as he's used to hack everyone, on a daily base. I haven't bothered writing any (except an old one specific for my router) but with a little debugging of the connection (wireshark/burp), it's possible to replicate a manual browser connection and brute force login:pass.
I think elliot already got the password hash, all his script did was bruteforce the hash. CUPP would be a good tool to use here.
Now, how he got the hash is the question. Maybe wireshark or something similar? Thoughts guys?
That is not how it works, the cracking part is mostly unrealistic
it was realistic you just need to think about it,
you dont need to hack some one email to access all of his accounts all of us using many apps and register ourself in many website which they ask us to put email - user and password and 80% of us only one password easy ha? you get one app - webiste password you get all :)
you might be right. All Elliot had to find was one vulnerable website to which the target was registered.
i discovered that the login pages of web-based games are really vulnerable to brute-force attacks.
-Phoenix750
ùmmm yes that's right looking for a web site and getting to database or brute force our target password in the web site like forum ! store .... !! does reeally work and 95% he use t he same password =D
Try using TOR browser or install Hola extension in chrome or firefox
Share Your Thoughts