Detailed explanation of one-sentence password cracking by automatic circulating Machine

Zhima Xiaoye

Today, I am studying how to crack a single-sentence password on the automatic circulating machine of the tracing leopard.

Later, I finally learned that it was a just-breaking issue. Fortunately, my computer has a lotToolsFindManualInjection helpSystemThe tool of is the same as that of the automatic cycle machine of the tracing leopard.

First, let's take a look at the principle. to crack a single sentence, we must first have a comparison value. Here we set the comparison value, and response. write isAsp.CharacterString comparison

Set response. write ("aaaaaaaaaaaa") Here. the keyword is aaaaaaaaaaaa.

The following is an http request in the manual injection help system:

_ Dict1 _ is a dictionary.FileYou can switch to the dictionary in the menu bar.

Finally, set the keyword in the keyword.

Click start in the lower-right corner to start cracking a password. If the password is cracked successfully, it will be output to the result output column.

Asp is used in all the tutorials of tracing leopard. The following describes how to use an automatic circulating machine to crackPhpOne-sentence Password

The filling method is similar to asp, and a comparison value is also set,

Myship. php? _ Dict1 __= echo % 20 aaaaaaaaaaaa; // output aaaPage

Select a dictionary and set a keyword like asp,




If the brute-force cracking is successful, it will be output to the result output column.

Finally, I would like to thank the purple eldest brother for helping explain the php brute-force cracking method. The Purple eldest brother said that the above php brute-force cracking method is only applicable to the eval mode.

Other methods can be used as follows:

GET/myship. php? _ Dict1 __= 1 HTTP/1.1
Host:Www.xxx.com

Keyword value for comparison: error // errors reported by php