Register
Leak Society - The Home Of Nulled Resources.
Forum Beta v1 Now Live!
FULL CRACKING GUIDE (2000+ WORDS)
Thead Owner : Murder, Category : Tutorials & Information, 0 Comment, 1028 Read
Viewers: 1 Guest(s)
Thread Closed
Murder
Senior Member
****
325
Messages
160
Threads
0
Rep
4 Years of Service
05-20-2020, 12:14 PM
#1
THE COMPLETE CRACKING GUIDE
Written by Ghost
Introduction

In this thread, I will walk you the through the process of cracking. I will be covering setting up an operating system, how to find and make your own combolists, the different tools at your disposal, strategies to get HQ hits and much more. I have reason to believe that this might be the most comprehensive and in-depth cracking guide on the internet. If it’s the best cracking guide on the internet, why not make an ebook and sell it? Fuck E-Books. I strongly believe that information, whether it may be ethical or not, should be free for everyone.

Please leave a like if you want to see more content like this. Took me a shit long time to write this for you guys.


 Contents:
 
  • What to use: A RDP or Virtual Machine?
  • Paid Proxies or Free Ones?
  • Paid or Private Combolist?
  • A paid VPN or Free VPN?
  • Good Account Crackers
  • How to use STORM
  • How to use SentryMBA
  • How to use SNIPR
  • How to use OpenBullet
 

Before we start cracking we are going to need some things. Of course, this is my personal preference but I strongly advise you to stick with the tools and method I am about to teach you.
Basic things need for cracking accounts:
  • An account cracker
  • Proxies
  • Combolist
These are the bare minimum things you need to start cracking. However, don’t expect any good hits with only using these items. Plus there are many risks involved in using LQ items.
What I recommend you to get to start cracking:
  • An RDP or Virtual Machine
  • Paid Proxies
  • Paid or Private Combolist
  • A paid VPN
  • An account cracker


Should I get an RDP or can I use a VM?

If you are serious about cracking, I would advise you to invest in an RDP simply because it makes your life a whole lot easier. An RDP is basically a high-performance computer running 24/7. Cracking takes a lot of time and is very demanding on your PC. So if you’re trying to crack accounts on a VM which is on your primary PC, that’s going to have a toll on your PC’s speed. The other important thing is bandwidth. You need super fast internet in order to crack properly, It is not practical and in most cases, you will not get a steady internet connection from your personal network. All these issues are sorted if you get an RDP. I would recommend going with Amazon AWS’s EC2. They have a pay as you use pricing system and you get the first year completely for free. If you do not want to invest in a server, you could still use your own PC. But please use all tools for cracking on a VM. Never run anything downloaded online on your main computer.
As for the OS, I recommend sticking with windows mainly because most checkers are made for windows. Also, you will need to have frameworks like .NET up to date and running. As for Virtualization software, there are 2 options,
  • Oracle’s VirtualBox
  • VMWare Workstation
Virtualbox is open source, free and it works fine apart from a few bugs from time to time. VMWare is basically the big dog and Industry-standard when it comes to virtualization software. So, you could go with anything. I still use Virtualbox and I have never had any issues with running Windows 10 Pro on it.


What are Proxies and why should I use them?

A proxy server acts as a gateway between you and the internet. It’s an intermediary server separating end users from the websites they browse. When we are cracking accounts, essentially were trying to guess the correct login credentials from a long list of possible credentials that match. Many websites like Netflix, Spotify etc have set a limit for the number of traffic from a specific IP. We uses proxies to bypass this and that allows us to check millions of accounts. Free proxies and paid ones, free proxies are the ones which are freely available for anyone to use. Which meaning many people can use the exact same IP. Most companies have identified free proxy signatures and when you use free proxies on their websites it will not work. Private or paid proxies re proxies that are reserved only for you. That means the websites think you are an actual user. This way, your chance of being IP block when using HQ proxies is very low.


What is a combolist?

Simply, a combolist or combo is a leaked collection of user credentials in different formats. Example, (user:pass, email:pass). We need to decide which type of combo we need for the site we are cracking. Say that we are cracking Netflix accounts, I will need a combo in the format of email:pass because those are the credentials required to log in to Netflix. So how do you get combolist? There are two options, you can get it for free via forums, you can purchase HQ combos or you can make your own. I will teach you how to make your own combos.


 To make your own combo, you are going to want to need some tools:
  • SQLi Dumper
  • EZDork generator
  • NulledHash Decryptor

Note that this is just an overview and not a detailed tutorial. This thread is about cracking and not making combos. If You need any help with combos, feel free to pm me.


Step 1
Create your dorks using EZ dorks or any other method and paste it into SQLI Dumper.


[Image: 6PBrGDt.png]


Step 2
Select what sites you want to grab URLs from.


[Image: BwdoOvc.png]


Step 3
Once selected, Press “Start Scanner”


[Image: dbfohdP.png]


Step 4
You should see a list of URLs popping up


[Image: d6btqDD.png]


Step 5 (Exploitable)
Now that you have URLs in URLs Queue.
Goto Exploitables and click "Start exploiter".

Step 6 (Injectables)
Once you have a few URLs exploited.Goto injectables and click "Start Analyzer". You will start to see URLs select all of them and at the bottom it says "Search Columns\Tables Names (MySQL and MS SQL) ". Enter what you want to search like so and click start: Now depending on the search mine was Email, Pass you will see:
 
  • Search: Email
  • Rows: Number
  • [Number]Database.Column


In that column, If you searched Email it will look for a table with said name.
The number is how many rows(Lines) the table in the column has.
The password should have the same amount of Rows and match the Database.Column .
 Click and highlight the row you want to dump. Click the "Go To Dumper" drop-down button at the top then "New Dumper Instance":
 https://i.imgur.com/oRcYCys.png



 7. Dumping

Once Dumper is open tick threads checkbox:
 https://i.imgur.com/3KLSMxT.png

 Then click and highlight the column and click "Get Columns"
 https://i.imgur.com/qxyxGmM.png

 Now look for the Table name you searched for and tick/check-mark them accordingly.
Then move Threads slider to 50 this will speed up dumping but will use more resources:
 https://i.imgur.com/m4XEiZ1.png

 Once it's done click "Dump Data":
 https://i.imgur.com/Z7ss9zW.png

 Once dumping is finished click "Export Data":
 https://i.imgur.com/lbOiE7U.png

 Keep "Plaintext". Change "Delimiter" to "Custom :"
Then click Start and save to a location.
That's it you dumped a combo. (Summary of SQLi Dumper guide by Trilly Reign


Why do we need a VPN?
When cracking accounts, or when you’re dumping a database, you don’t want your own IP exposed because this will result in getting a ban from google. It is better to use a good VPN service, paid is always better. Further, it allows you to stay anonymous throughout the entire cracking process.
Okay, Now that I have explained everything you need in great detail, we can now start to crack accounts.





How to use STORM

STORM is by far one of the most powerful cracking tools. Man people find STORM to be the best tool for beginners due to its friendly UI. STORM is a multi cracker, meaning it can be used to crack almost any type of account. STORM can be used to crack accounts of your choice very easily.
 Things you need:
  • Combolist
  • Config for the site you want to crack
  • Proxies
Download a config file based on your requirement. Or you can download a bulk config pack here. Once downloaded, put all config files you got in the Configurations folder when done let's startup STORM.
STORM is the simplest cracker I’ve used, Now that we have STORM running, we can begin the cracking process.
 
  • select your config in the dropdown menu and set the threads and list position you want.
  • There are 2 types of STORM configs, normal (ini) and encrypted ones (sccfg). The difference is –non-encrypted configs can be edited –encrypted ones not.
  • Load your combolist (Depending on the website)
  • Load up your proxies. STORM is capable of running with 3 types of proxies simultaneously
  • HTTP, SOCKS4 & SOCKS 5 all work on STORM
  • Once you have done everything, Navigate to the main menu and hit start to start cracking.
It’s that easy! STORM will show real-time updates of the accounts being cracked. It will also show various other statistics like,
  • Tested
  • Retries
  • Banned
  • Hits
  • Bad
Cracking will take some time depending on the combo loaded and other factors. Once done, all the “Hits” cracked accounts will be saved in the Hits folder in the same format of the combo. Example: username:password.



How to use SentryMBA

SentryMBA is another extremely powerful tool that can be used to crack accounts. Similar to STORM, SentryMBA too is a multi cracker. SentryMBA is very similar to STORM and it is better to use it on an RDP.
Things you need:
  • Combolist
  • Config
  • Proxies
First download SentryMBA. You can download a modded version by The Old Warrior here.
Start your VPN and load up Sentry.
  • Load your config file
  • Go to proxy settings to see if the config requires proxies.
  • If it requires proxies, go to the “List” tab and click “Proxy list” to load up your proxies.
  • Once that is done, go to “List” again and click on Wordlist to add your combo
  • Go to history settings to set your “key” export.
  • Checkbox, “Update History Frame in Realtime”
  • Navigate to the main screen, load up the number of bots and start cracking.
  • Once the cracking is done, go to the History tab and all the hits will be saved.
  • Finally, you can save your hits as a .txt file for export.

How to use SNIPR

SNIPR is a paid cracking tool. There are many cracked versions of it but I advise you to get the paid one since most cracked applications have been ratted and trust me, you don’t want to deal with that nonsense.
Best thing SNIPR has is an email checker with integrated keyword. This feature is far better than all in one checkers.
SNIPR also has an inbuilt proxy scraper and checker and many combo tools.
 
  • Select the config you want depending on the accounts you want to crack.
  • If required, load up your proxies.
  • Load up your combo.
  • Once everything is done, start the cracker.
  • Your hits will be shown in real-time and can be exported into a .txt file upon completion.


How to use OpenBullet

OpenBullet is by far one of the most advance cracking tools in existence. It has a very nice UI and operates extremely fast.
Things you need:
  • Combolist
  • Config
  • Proxies
Start cracking with OpenBullet:
  • Open up OB
  • Navigate to the config folder and put all the config in it.
  • Inside OB, add your combo under wordlist.
  • Add the proxies
  • OB supports HTTP, SOCKS5 & SOCKS4 Proxies.
  • Go to the bruteforcer and add the config. (You can add up to 3)
  • Run the cracker, your hist will be shown in real-time and you can export all of them into a .txt

 That’s the end of the guide. Obviously, I can’t cover everything in a single thread. If you have any issues please leave a reply on this thread and I will update the thread accordingly. Thank you for reading.
- Ghost
Go Upstairs
Thread Closed


Forum Jump:

© Leak Society Forum - All Rights Reserved. No files found on Leak Society are hosted on our servers, we only share resources hosted externally.

Extras
Navigation

Forum Stats

  • 18877 Topics,
  • 213123 Messages,
  • 54196 With our member,
Made with by Ghost
LeakSociety Custom MyBB Build v1.2