ditatompel/insights
1
0
Fork 0
mirror of https://github.com/ditatompel/insights.git synced 2025-01-08 03:12:06 +07:00
Code Issues Projects Releases Packages Wiki Activity

Adding old content "Generate Custom Wordlist Dari Situs Target, My Own Brute Way" and add AdSense

Browse source
This commit is contained in:
Cristian Ditaputratama 2023-05-26 23:11:10 +07:00
parent d2e0845f92
commit 9d6734a7e7
Signed by: ditatompel
GPG key ID: 31D3D06D77950979
20 changed files with 151 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/_default/hugo.yaml
View file

@ -56,7 +56,7 @@ module:
# other modules
# - path: github.com/hugomods/google-analytics
# - path: github.com/hugomods/google-adsense
- path: github.com/hugomods/google-adsense
# recommended modules
# check which modules were imported by recommended module by "hugo mod graph | grep recommended".

2
config/production/params.yaml
View file

@ -1,2 +1,4 @@
# see https://hugomods.com/en/docs/google-adsense/.
# google_adsense = 'ca-pub-XXXXXXXXXXXXXXXX' # Please make that the Google AdSense module was imported.
params:
google_adsense: 'ca-pub-9452844291790895'

3
content/archives/2011/10/_index.id.md Normal file
View file

@ -0,0 +1,3 @@
---
title: Okt
---

3
content/archives/2011/10/_index.md Normal file
View file

@ -0,0 +1,3 @@
---
title: Oct
---

2
content/blog/idc-indonesia-dan-data-center-facebook/index.id.md
View file

@ -11,7 +11,7 @@ pinned: false
series:
# -
categories:
# -
- TIL
tags:
- Facebook
- Indonesia Data Center

2
content/blog/macos-is-not-the-same-family-tree-with-linux-it-never-been/index.md
View file

@ -1,5 +1,5 @@
---
title: "Macos Is Not The Same Family Tree With Linux, It Never Been"
title: "MacOS Is Not The Same Family Tree With Linux, It Never Been"
date: 2019-05-14T04:13:23+07:00
lastmod:
draft: false

BIN
content/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/custom-wordlist1.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 95 KiB

BIN
content/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/custom-wordlist2.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 86 KiB

BIN
content/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/feature-my-own-brute-way.jpeg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 267 KiB

135
content/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/index.id.md Normal file
View file

@ -0,0 +1,135 @@
---
title: "Generate Custom Wordlist Dari Situs Target, My Own Brute Way"
description: Kadang seorang administrator menggunakan password dengan kata dari website mereka. entah itu dari nama perusahaan, organisasi atau nama produk unggulan mereka. Berikut ini tutorial cara untuk men-download website dan mengubahnya menjadi sebuah wordlist.
# linkTitle:
date: 2011-10-01T22:36:55+07:00
lastmod:
draft: false
noindex: false
# comments: false
nav_weight: 1000
# nav_icon:
# vendor: bootstrap
# name: toggles
# color: '#e24d0e'
series:
# - Tutorial
categories:
- Security
tags:
- Hydra
- Cupp
- Wyd
- BackTrack
images:
# menu:
# main:
# weight: 100
# params:
# icon:
# vendor: bs
# name: book
# color: '#e24d0e'
authors:
- ditatompel
---
Kadang seorang Sistem Administrator menggunakan password dengan kata dari website mereka. entah itu dari nama perusahaan, organisasi atau nama produk unggulan mereka. Berikut ini tutorial cara untuk *men-download* website dan mengubahnya menjadi sebuah *wordlist*.
<!--more-->
*Tools* yang diperlukan:
1. [Wyd](http://packetstormsecurity.org/files/51130/wyd.tar.gz.html)
2. [Hydra](http://thc.org/thc-hydra/)
3. [Cupp](http://ls-la.ditatompel.crayoncreative.net/linux/cupp-3.0.tar.gz)
Untuk para pengguna **BackTrack**, tidak perlu repot menginstall semua tools tersebut. Untuk Distro lain, bisa mengikuti langkah-langkah berikut.
## Download semua konten situs
Pertama kita buat dulu direktori kerja
```bash
mkdir ~/custom-wl; cd ~/custom-wl
```
Download semua isi konten website target dengan wget sampai selesai, misal situs target kita adalah `http://ditatompel.crayoncreative.net`:
```bash
wget -r http://ditatompel.crayoncreative.net
```
```
<blah blah blah . . . . .>
FINISHED --2011-10-01 12:55:41--
Downloaded: 602 files, 19M in 6m 21s (51.2 KB/s)
```
File2 tersebut akan disimpan di direktori `~/custom-wl/[domain-situs]` atau dalam tutorial kali ini `~/custom-wl/ditatompel.crayoncreative.net`.
## Menggunakan wyd.pl
Kemudian ambil dan siapkan senjata perang utama kita : `wyd.pl` ( Pengguna **BackTrack** tidak perlu download karena sudah ada di `/pentest/password`).
```bash
wget http://dl.packetstormsecurity.net/Crackers/wyd.tar.gz
tar -xvzf wyd.tar.gz
cd wyd
perl wyd.pl -n -o ~/custom-wl/wordlist-mentah.txt ~/custom-wl/ditatompel.crayoncreative.net
```
![Custom Wordlist 1](custom-wordlist1.jpg#center)
Nah, kita punya file berisi kata-kata dari situs target, dan senjata utama juga sudah beraksi. Tapi masih ada yang kurang nih bro..
```bash
less ~/custom-wl/wordlist-mentah.txt
```
kata-kata yang digenerate sama `wyd.pl` tadi masih banyak yang kembar. Kita rapikan dulu dengan menggunakan perintah `uniq` supaya nantinya kita tidak mengorbankan *memory usage*.
```bash
cat ~/custom-wl/wordlist-mentah.txt | uniq > ~/custom-wl/wordlist-setengah-matang.txt
```
## Install Hydra, `pw-inspector`
Oke, sekarang *wordlist* kita sudah agak rapi. Kita pilihin lagi nih bro supaya *script2* tanpa spasi seperti `jquery.min.js` ga ikut masuk ke dalam *wordlist*. Caranya kita buang *wordlist* yang hurufnya kurang dari 5 dan lebih dari 30 (karena jarang orang punya password lebih dari 30 karakter) menggunakan alat `pw-inspector` (didapat dari fiturnya **Hydra**, jadi klo yang belum punya **Hydra** download dan install dulu).
Install Hydra :
```bash
wget http://www.thc.org/releases/hydra-7.0-src.tar.gz -O /usr/local/src/hydra-7.0-src.tar.gz
cd /usr/local/src/; tar -xvzf hydra-7.0-src.tar.gz
cd hydra-7.0-src
./configure
make && make install
```
Buang *wordlist* yang hurufnya kurang dari 5 dan lebih dari 30 :
```bash
cat ~/custom-wl/wordlist-setengah-matang.txt | pw-inspector -m 5 -M 30 > ~/custom-wl/wordlist-oke.txt
```
Nah sekarang udah lumayan rapi *wordlist* kita. Bro2 sekalian bisa pilih-pilih lagi tuh *wordlist*. Klo wordlistnya cukup besar, buka pake vi / editor spt kate bisa makan banyak *memory*, atau kita bisa gunakan `head -n 25 wordlist.txt` Untuk melihat 25 baris pertama atau `tail -n 25 wordlist.txt` untuk melihat 25 baris terakhir (optional).
## Menggunakan CUPP
Lalu sebagai pemanis kita jalanin uler kadut yang di **BackTrack** juga udah eksis, **CUPP**. Yang belum punya **CUPP** bisa download dulu :
```bash
wget http://ls-la.ditatompel.crayoncreative.net/linux/cupp-3.0.tar.gz -O ~/custom-wl/cupp-3.0.tar.gz
cd ~/custom-wl/; tar -xvzf cupp-3.0.tar.gz
cd cupp; python cupp.py -w ~/custom-wl/wordlist-oke.txt
```
Jawab pertanyaan dari sang juru kunci ini. Outputnya kurang lebih seperti ini :
```
> Do you want to concatenate all words from wordlist? Y/[N]: N
> Do you want to add special chars at the end of words? Y/[N]: N
> Do you want to add some random numbers at the end of words? Y/[N]Y
> Leet mode? (i.e. leet = 1337) Y/[N]: Y
[+] Now making a dictionary...
[+] Sorting list and removing duplicates...
[+] Saving dictionary to /root/custom-wl/wordlist-oke.txt.cupp.txt, counting 580896 words.
[+] Now load your pistolero with /root/custom-wl/wordlist-oke.txt.cupp.txt and shoot! Good luck!
```
![Custom Wordlist 2](custom-wordlist2.jpg#center)
Nah sampai di sini dulu.. Untuk bruteforcenya pasti udah pada punya tools favorit masing2.
## Referensi
* Ebook **Cracking Passwords** by: **J. Dravet**
* [http://thc.org/thc-hydra/README](http://thc.org/thc-hydra/README)

1
go.mod
View file

@ -58,6 +58,7 @@ require (
github.com/hugomods/bootstrap v0.6.2 // indirect
github.com/hugomods/fuse-js v0.1.0 // indirect
github.com/hugomods/giscus v0.1.0 // indirect
github.com/hugomods/google-adsense v0.1.0 // indirect
github.com/hugomods/gravatar v0.2.0 // indirect
github.com/hugomods/icons/vendors/font-awesome v0.6.0 // indirect
github.com/hugomods/katex v0.2.0 // indirect

2
go.sum
View file

@ -108,6 +108,8 @@ github.com/hugomods/fuse-js v0.1.0 h1:CmWHBZANvjOP44RDNQNLntqlLf9GLqeM29jekxTNcP
github.com/hugomods/fuse-js v0.1.0/go.mod h1:srCqvtBQR02HS/abTraDU4oINv1D3PljNPdexdoHhpo=
github.com/hugomods/giscus v0.1.0 h1:tIu1TzYByC/XlxxiBl9+CkQp9OeR4UhoZjbQSlcDt5E=
github.com/hugomods/giscus v0.1.0/go.mod h1:tCRkqNi/sMsLh3kjDesXZNzf4R/w+b5oc5boS/l8Jtw=
github.com/hugomods/google-adsense v0.1.0 h1:eykHVCF+JjJRpEQ/b+EkH9aQLQxIdGI8m06qsq1iybA=
github.com/hugomods/google-adsense v0.1.0/go.mod h1:zXQIuUr9pIqlNdCzOLY04Rx7oeUm5R+OhUmscNPiI0w=
github.com/hugomods/gravatar v0.2.0 h1:642HNhGN7Mw7qefNcUFJKzLoT2zJKt4IQkrS53mIUfA=
github.com/hugomods/gravatar v0.2.0/go.mod h1:oATWuh5u2XUK/ZKzOD0VEP5I/TZfVZwplTyhT61Q4Fc=
github.com/hugomods/icons v0.6.0 h1:G6RU93okhPPRDh/jqcew9gwkcYpSpg0rCBv4S6yUAFw=

2
resources/_gen/assets/scss/hb/scss/index.tmpl.scss_7e25a8552c7daab601c46e043455d392.content
View file

File diff suppressed because one or more lines are too long

2
resources/_gen/assets/scss/hb/scss/index.tmpl.scss_7e25a8552c7daab601c46e043455d392.json
View file

@ -1 +1 @@
{"Target":"css/hb.fadfad8d9267744c3d5c723f990e800af9698aabe2d0d5a7cd9eda25b3ea6a10.css","MediaType":"text/css","Data":{"Integrity":"sha256-+t+tjZJndEw9XHI/mQ6ACvlpiqvi0NWnzZ7aJbPqahA="}}
{"Target":"css/hb.98ae523102ae2ad93f309f32a26274760bb135fb00d6aecf67cf56d7c237d48f.css","MediaType":"text/css","Data":{"Integrity":"sha256-mK5SMQKuKtk/MJ8yomJ0dguxNfsA1q7PZ89W18I31I8="}}

BIN
resources/_gen/images/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/custom-wordlist1_hu2c31a4f4a854903da6338f3b460e9e3b_97727_726x768_resize_q75_h2_box.webp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 79 KiB

BIN
resources/_gen/images/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/custom-wordlist2_huad1f90a6412e6dc6e796cfe59b71c0e3_88608_692x768_resize_q75_h2_box.webp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 72 KiB

BIN
resources/_gen/images/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/feature-my-own-brute-way_hube03703b10863210700b66260b222797_273514_0a07f06658b8644e45918ff7da00bc32.webp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 24 KiB

BIN
resources/_gen/images/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/feature-my-own-brute-way_hube03703b10863210700b66260b222797_273514_0x360_resize_q75_box.jpeg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 31 KiB

BIN
resources/_gen/images/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/feature-my-own-brute-way_hube03703b10863210700b66260b222797_273514_0x640_resize_q75_box.jpeg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 72 KiB

BIN
resources/_gen/images/tutorials/generate-custom-wordlist-dari-situs-target-my-own-brute-way/feature-my-own-brute-way_hube03703b10863210700b66260b222797_273514_7a1d05599bcb17aef48af6e1e12b7fab.webp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 50 KiB