So you want to be a password Cracker??

Disclaimer: This file is for educational purposes only.

Basic Tips & Tricks (DOS revisited)
(IBILL SECURITY)
-=[Lucifer Fallen]=-

Most of these are common tricks, and not all have to do with cracking directly. I have learned a lot of this stuff from fellow crackers, and with a little trial and error. I am writing this for you newer crackers, as most of the elite crackers already know this.

Built in DOS programs.

Most of these are hardly used because people are so used to using Windows applications. I almost never trace people using a Windows program. DOS tends to be much more effective and easier on your CPU. Also, you won't subject yourself to possible viruses built into these "tracing" programs, like Genius2.

1.) PING

a.) Ping can be used several different ways to achieve a number of things. Let's say, for example, you know someone may be online hiding from you and you already know their IP address. Well, when you ping them, you will know if they are online or not. I am not going into all the types of ping options, however I will list them. You can play with them yourself. Open a DOS window, type "ping" and hit enter, and the following options will be presented.

    ping -a   (resolves host name from IP or vice versa)
    ping -t   (pings target IP until you stop it)
    ping -n   (to specify number of times you send echo request)
    ping -l   (to specify the size of the buffer packet)
    ping -f   (to specify not to fragment the buffer packet)
    ping -i   (TTL, "time to live")
    ping -v   (TOS, "type of service")
    ping -r   (record route for count hops)
    ping -s   (timestamp for count hops)
    ping -j   (loose source route to specified host-list)
    ping -k   (strict source route to specified host-list)
    ping -w   (timeout in milliseconds to wait for each reply from echo sent)

2.) TRACERT

a.) This option is excellent in my opinion. You can type the command "tracert " or "tracert " and see the route it takes across the internet to reach the specified host.
I like using the IP option to look at unknown IP addresses; it will usually trace it across the net, while resolving to the host name. Excellent for looking at proxy IPs and finding out their resolved host names. Tracert has fewer options than ping. It can be used alone as above, or can be used with the following options added.

    tracert -d   (do not resolve IP to host name)
    tracert -h   (maximum number of hops to search for host)
    tracert -j   (loose source route along host-list)
    tracert -w   (wait timeout in milliseconds for each reply)

3.) NETSTAT

a.) This option is very useful for a lot of things, some more advanced than me. It is very useful in detecting if someone has connected to your computer with Back-Orifice or Netbus. It will list your open ports, connected ports, and a bunch of other things. Using the following command will show you possible connections from someone else accessing your HD: "netstat -a -n". Below is a list of other options of Netstat.

    netstat      (shows some of your connections and listening ports)
    netstat -a   (displays ALL connections & listening ports)
    netstat -e   (display Ethernet statistics, can be combined with -s)
    netstat -n   (display addresses and port numbers in numerical form)
    netstat -p   (shows connections for protocol specified by TCP, UDP, or IP)
    netstat -r   (display the routing table)
    netstat -s   (display per protocol stats. default is TCP, UDP and IP)
    interval     (redisplays selected stats by pausing every few seconds)

4.) TELNET

a.) This program should be your default telnet program. There are not really any options with this particular DOS program. However, you can play around with this using Wingates for doorways to help hide your IP. Now I won't pretend to tell you I have this one all figured out, as I work at it every day. It is great practise to telnet to a server just to see how it works and how some systems react. This is the very basic Telnet program, and if you like, there are other programs for telnet based in Windows.
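The NETSTAT check from section 3 above, as an added example that is not part of the original file: it scans "netstat -a -n" output for the well-known default ports of Back Orifice (UDP 31337) and NetBus (TCP 12345/12346). The port table, the function names and the sample output are supplied here as assumptions, not taken from the file.

```python
"""Flag default Back Orifice / NetBus ports in `netstat -a -n` output."""

# Well-known default ports (assumption added here). Both tools can be
# reconfigured, so an empty result does not prove the machine is clean.
SUSPECT_PORTS = {
    ("UDP", 31337): "Back Orifice (default)",
    ("TCP", 12345): "NetBus (default)",
    ("TCP", 12346): "NetBus (default)",
}

# Constructed sample in the Windows netstat layout (not a real capture).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.168.1.10:12345     203.0.113.7:4021       ESTABLISHED
  TCP    192.168.1.10:1042      198.51.100.20:80       ESTABLISHED
  UDP    0.0.0.0:31337          *:*
  UDP    0.0.0.0:137            *:*
"""

def parse_netstat(text):
    """Yield (proto, local_port, foreign, state) for each TCP/UDP row."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local, foreign = fields[:3]
        state = fields[3] if len(fields) > 3 else ""  # UDP rows have no state
        port = local.rsplit(":", 1)[-1]
        if ":" in local and port.isdigit():
            yield proto, int(port), foreign, state

def find_suspects(text):
    """Return one finding per row whose local port is a known default."""
    findings = []
    for proto, port, foreign, state in parse_netstat(text):
        label = SUSPECT_PORTS.get((proto, port))
        if label:
            findings.append((label, proto, port, foreign, state or "-"))
    return findings

if __name__ == "__main__":
    for label, proto, port, foreign, state in find_suspects(SAMPLE):
        print(f"{label}: {proto}/{port} peer={foreign} state={state}")
```

A LISTENING row means the port is open and waiting; an ESTABLISHED row on the same port means a remote peer is connected right now, and the foreign address column shows who.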
------------------------------------------------------------------------------------

THE TRUTH ABOUT IBILL SECURITY

I hear all the time that IBILL can't be cracked, that they see thru your proxy. Well, this is a big misconception. First off, they can be cracked. Most times when you connect to the site you intend to crack, the authorization comes from their site directly. On occasion, it connects to the secure server of IBILL. Now the reason people assume that IBILL could see past your anon proxy is understandable. They see their connection completely bypass their proxy. They wonder how this is possible. Well, I am about to tell you.

Open up your advanced preferences and look at your options for manual connection to the internet. You should have 6 different choices for the input of your proxy.

    1.) HTTP
    2.) SECURITY
    3.) FTP
    4.) SOCKS
    5.) GOPHER
    6.) WAIS

Now, we will be focusing on the http and security inputs. When you connect to IBILL, for example to buy a membership, instead of them connecting to your http port, they connect to your security port. So if you have no proxy there, it reads your home IP. So when you connect, you think they just read right thru your proxy, when in reality it just connected to your security port, which had no protection. IBILL is no different than any of the others, it just appears that way.

One thing to always keep in mind: for every security measure taken, another door is left open. For as long as there is a way to keep someone from entering a site, there will always be a backdoor too. So find yourself a good proxy and use it in your security port. When you go proxy hunting on the various sites, try to pick one that offers the most range of uses. It might not be the fastest, but it just might mean the difference between getting caught or staying safe.