URL Bruteforce I guess

[blk.Sith0]

Lets pretend this dictionary has every word from "aaaaaaaaaaa" to "///////////". Now uh, should make this. Who cares if it doesnt finish, I could at least get some, right?

[Satan911]

That would require the exact same amount of time.

Instead make a good list of common file or dir names and bruteforce these instead. Might get less results but it will definitely take less time.

And by the way you wouldn't even get like phpmyadmin/ or administrator/ because there are too much chars.

[ande]

Lets pretend this dictionary has every word from "aaaaaaaaaaa" to "///////////". Now uh, should make this. Who cares if it doesnt finish, I could at least get some, right?

Even just one row of letters aaaaaaaaaaa to bbbbbbbbbbb would be 296196766695424 attempts or something. And the likeliness of finding something in between aaaaaaaaaaa to bbbbbbbbbbb is very small.

If these values are to represent names, you will have much greater success downloading a few megs of name lists and combo bruting them.

[blk.Sith0]

Well I guess I'm out of luck then, because each page's code is some weird completely random thing.
ucePV/9yWJA=
RRdpA/Pna2c=
There's a couple of actual codes. So I guess theres not much to be done.

[blk.Sith0]

Alright guys. Guys. I know this is as important to you as it is to me, so I have some good news.

I have at least 8 computers that can be running this nonstop 24/7.

And if my calculations are correct, that will only take 8.45 days. So we can do this!

10 juicy dollars

[ande]

Alright guys. Guys. I know this is as important to you as it is to me, so I have some good news.

I have at least 8 computers that can be running this nonstop 24/7.

And if my calculations are correct, that will only take 8.45 days. So we can do this!

10 juicy dollars

I can assure you it will not take 8,45 days. It does not matter how many computers you got. The web server is going to be the bottleneck. Take my earlier calcs with 1000 requests pr second, which is insanely much.

[Stackprotector]

Also, i'm not sure if you have all the computers on 1 net.
If so, 8 would be to much for 1k requests/s, you will notice alot of lag.
And yes, only if you are brute-forcing a very high end server you will have profit of 8 computers.

[blackghost07]

hii i want to brute force on url which is like site.com/code?u=12345678901234&p=123456 and i just want to brute force on the p value and it contains only number of 6 digit.

[ande]

hii i want to brute force on url which is like site.com/code?u=12345678901234&p=123456 and i just want to brute force on the p value and it contains only number of 6 digit.

You should consider making a new thread for this question. This thread is pretty old.


However, it is pretty simple. But we probably need a bit more information. Do you know any programming languages? Is it a logged-in page? What sort of data are you looking to extract from the pages?

Here is a simple full-page-save in PHP

Code: (php) [Select]

for($i=0;$i<999999;$i++)
{
    file_put_contents($i.'.html', file_get_contents('http://evilzone.org/index.php?u=12345678901234&u='.$i));
}