eskan
Security Breach Investigator
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 2
900 XP
I came across this while trying to learn how to create configs myself and wanted to share.
Simple and to the point. Will help you at least understand how to get up and rolling.
Enjoy creating your own configs!
Step 3:
Now in the "HTTP Header" tab, simply check the MW option, and click on the wand icon.
Step 4:
Hit "Analyze Login" and Check "Refresh Proxy" [Only needed if cookie is present]
You should now see all the login data present below.
Step 5:
Now you have all the required data, click on "Use Data".
Step 6:
Go to "Fake Settings" and put your settings like this:
Step 7:
Go to the "Keywords" section, and make sure you have atleast the following: Failure,
Success and Ban Key<[Ban key is only needed if ban actually occurs]
Now go back to the site you want to crack, and you logged into.
Identify the Unique Key, that's only showed when your successfully logged in.
Rightclick on the logout text, and select "Inspect Element"
Identify the same key, and make sure to use the > & < [if present]
[>Log me out<]
Step 8:
Now you have your successkey, we still need a failure and ban key.
For the failure key you can simply re-do step 7.
Go to the login page of the site, and login with any info [[email protected]]
Now add that unique key as a failure key.
Step 9:
To identify the ban-key, you will need to make a combolist of false logins like
[email protected]:password
Now copy and paste this around 100 times, and run it in Sentry.
If the site bans you, you will see some accounts going to the To-check section.
Right-click on any of those accounts, and select "View Source Answer in Browser".
Now do the same you did in step 7, but then for the ban key.
Step 10:
You are now done, so make sure you save your config.
Your config will be located inside the Sentry MBA folder, in a folder called "SnapShots".
I spend time sharing these guides/tutorials with the community.
Please don't be crappy and leave a short "ty" response.
If you did, but then appreciated my guide, go back and edit your reply
Simple and to the point. Will help you at least understand how to get up and rolling.
Enjoy creating your own configs!
Step 3:
Now in the "HTTP Header" tab, simply check the MW option, and click on the wand icon.
Step 4:
Hit "Analyze Login" and Check "Refresh Proxy" [Only needed if cookie is present]
You should now see all the login data present below.
Step 5:
Now you have all the required data, click on "Use Data".
Step 6:
Go to "Fake Settings" and put your settings like this:
Step 7:
Go to the "Keywords" section, and make sure you have atleast the following: Failure,
Success and Ban Key<[Ban key is only needed if ban actually occurs]
Now go back to the site you want to crack, and you logged into.
Identify the Unique Key, that's only showed when your successfully logged in.
Rightclick on the logout text, and select "Inspect Element"
Identify the same key, and make sure to use the > & < [if present]
[>Log me out<]
Step 8:
Now you have your successkey, we still need a failure and ban key.
For the failure key you can simply re-do step 7.
Go to the login page of the site, and login with any info [[email protected]]
Now add that unique key as a failure key.
Step 9:
To identify the ban-key, you will need to make a combolist of false logins like
[email protected]:password
Now copy and paste this around 100 times, and run it in Sentry.
If the site bans you, you will see some accounts going to the To-check section.
Right-click on any of those accounts, and select "View Source Answer in Browser".
Now do the same you did in step 7, but then for the ban key.
Step 10:
You are now done, so make sure you save your config.
Your config will be located inside the Sentry MBA folder, in a folder called "SnapShots".
I spend time sharing these guides/tutorials with the community.
Please don't be crappy and leave a short "ty" response.
If you did, but then appreciated my guide, go back and edit your reply
