724 login attempts from 125 IP ranges in 30 countries

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Bama
    Confirmed User
    • Nov 2001
    • 2727

    #1

    724 login attempts from 125 IP ranges in 30 countries

    Yeah Strongbox

    Not 1 made it in
  • Evil E
    Confirmed User
    • Apr 2005
    • 3201

    #2
    Question for you: If one of the attempts was successful, wouldn't you not know about it?


    A girl once told me "Give me 8 inches and make it HURT".

    So, I fucked her twice and hit her with a brick.

    Comment

    • Zuzana Designs
      All Your Design Needs
      • Feb 2005
      • 20896

      #3
      WOOT WOOT strong box

      Website Design - Consulting - Development
      sarah [at] zuzanadesigns.com - See Our Work

      Comment

      • ladida
        Confirmed User
        • Nov 2005
        • 2179

        #4
        Originally posted by Evil E
        Question for you: If one of the attempts was successful, wouldn't you not know about it?
        :P
        agentGFY *at* gmail.com

        Comment

        • d-null
          . . .
          • Apr 2007
          • 13724

          #5
          someone shared a password?

          __________________

          Looking for a custom TUBE SCRIPT that supports massive traffic, load balancing, billing support, and h264 encoding? Hit up Konrad!
          Looking for designs for your websites or custom tubesite design? Hit up Zuzana Designs
          Check out the #1 WordPress SEO Plugin: CyberSEO Suite

          Comment

          • pr0
            rockin tha trailerpark
            • May 2001
            • 23088

            #6
            Originally posted by jetjet
            someone shared a password?
            na, it was probably a simple program with proxies used to find weak passes
            __________
            Loadedca$h - get sum! - Revengebucks - mmm rebills! - webair (gotz sErVrz)

            Comment

            • Socks
              Confirmed User
              • May 2002
              • 8475

              #7
              Originally posted by pr0
              na, it was probably a simple program with proxies used to find weak passes
              If it was, 724 attempts is pretty pathetic. :P

              Comment

              • Iron Fist
                Too lazy to set a custom title
                • Dec 2006
                • 23400

                #8
                Originally posted by Evil E
                Question for you: If one of the attempts was successful, wouldn't you not know about it?
                Welp -- check the torrent sites for those site rips
                i like waffles

                Comment

                • ultimatebbwdotcom
                  Confirmed User
                  • Mar 2006
                  • 591

                  #9
                  RUP's are a mostly what stops BF
                  Ultimatebbw.com
                  Dangerouscurvesdesign.com

                  Comment

                  • k0nr4d
                    Confirmed User
                    • Aug 2006
                    • 9231

                    #10
                    I remember once when I worked for a sponsor and we had someone trying to bruteforce a site, i set the invalid login page to a jpg file that causes internet explorer to use a shitload of ram. I guess whatever program he was using was using internet explorer in some way, because it stopped almost instantly after.
                    Mechanical Bunny Media
                    Mechbunny Tube Script | Mechbunny Webcam Aggregator Script | Custom Web Development

                    Comment

                    • Bama
                      Confirmed User
                      • Nov 2001
                      • 2727

                      #11
                      Originally posted by Evil E
                      Question for you: If one of the attempts was successful, wouldn't you not know about it?
                      Actually, yes, I would

                      Comment

                      • Evil E
                        Confirmed User
                        • Apr 2005
                        • 3201

                        #12
                        Originally posted by Bama
                        Actually, yes, I would
                        I'm just curious as I don't know that software inside out...


                        If the bad guy is using a new proxy(new ip address) and is able to login in 1 attempt, how can you know that has malicious intent and is a bad guy?


                        Of course in your logs you'll see all the ips that did connect successfully, but you probably can't identify him.

                        Now if you're getting hammered by dictionnary attacks or brute force even if the guy is using a proxy list... of course it's gonna figure it out...


                        A girl once told me "Give me 8 inches and make it HURT".

                        So, I fucked her twice and hit her with a brick.

                        Comment

                        • Jens Van Assterdam
                          The Dupre Pimp
                          • Feb 2008
                          • 6677

                          #13
                          Those strongbox captcha´s are crackable by school girls..
                          All it takes is a good wordlist..
                          Read TOS for signature rules

                          Comment

                          • Bama
                            Confirmed User
                            • Nov 2001
                            • 2727

                            #14
                            Originally posted by Jens Van Assterdam
                            Those strongbox captcha´s are crackable by school girls..All it takes is a good wordlist..
                            And yet it works so well...

                            Comment

                            • payd2purv
                              Too lazy to set a custom title
                              • Jan 2008
                              • 2727

                              #15
                              Captcha hacks don't work off wordlists you fuckin newb.

                              and if your password/username can be cracked by a wordlist you need to stop having control over ANYTHING that requires a login..

                              cause yer an idiot.

                              Comment

                              • Socks
                                Confirmed User
                                • May 2002
                                • 8475

                                #16
                                From: http://cxliv.org/2006/04/05/password_cracking_speed.php

                                Using this as our guideline, a 6 character password using the 62 characters possible from upper- and lower-case letters and numbers will produce 57 billion possibilities, and according to this site, Class D hardware can exhaust every such possibility in just 1.5 hours. That's not long. Add common symbols to that mix (increasing the possible characters to 96) and you increase the combinations to 782 billion (for the same 6-character length), meaning the same hardware will take slightly longer to go through all iterations: 22 hours.

                                Increasing the length of your password makes it more difficult - an 8 character password drawn from the pool of 62 possible characters (letters and numbers) means that there are 218 trillion possibilities, which would require the same hardware a whopping 253 days to process. Meanwhile, using the 96 possible characters that include common symbols would take 23 years on that same hardware!

                                Comment

                                • ultimatebbwdotcom
                                  Confirmed User
                                  • Mar 2006
                                  • 591

                                  #17
                                  Takes a whole lot longer when it has to work out the user and the pass, i think the example there is username known, password not.
                                  Ultimatebbw.com
                                  Dangerouscurvesdesign.com

                                  Comment

                                  • Due
                                    Confirmed User
                                    • Mar 2001
                                    • 3620

                                    #18
                                    Originally posted by ultimatebbwdotcom
                                    Takes a whole lot longer when it has to work out the user and the pass, i think the example there is username known, password not.
                                    You just need to crack the "username"
                                    http://www.threadwatch.org/node/14095
                                    In PC Magazine's upcoming May 8th issue they list the 10 most commonly used passwords online - if you are using any of these please turn off your computer immediately, go take a nap and then download this add-on for FireFox

                                    1. password
                                    2. 123456
                                    3. qwerty
                                    4. abc123
                                    5. letmein
                                    6. monkey
                                    7. myspace1
                                    8. password1
                                    9. blink182
                                    10. (your first name)
                                    I buy plugs
                                    Skype: Due_Global
                                    /Due

                                    Comment

                                    • Jens Van Assterdam
                                      The Dupre Pimp
                                      • Feb 2008
                                      • 6677

                                      #19
                                      Originally posted by payd2purv
                                      Captcha hacks don't work off wordlists you fuckin newb.
                                      Like you had a clue..
                                      On Strongbox they work like this.. Google -> Caecus...
                                      Read TOS for signature rules

                                      Comment

                                      • ultimatebbwdotcom
                                        Confirmed User
                                        • Mar 2006
                                        • 591

                                        #20
                                        Originally posted by Due
                                        You just need to crack the "username"
                                        http://www.threadwatch.org/node/14095
                                        sure, but who in adult lets a person choose their own user/pass nowadays...dont tell me I'm sure way too many do.
                                        Ultimatebbw.com
                                        Dangerouscurvesdesign.com

                                        Comment

                                        Working...