Munga
Bunga's HTTP Brute Forcer |
Munga Bunga's HTTP Brute Forcer is a utility utilizing the HTTP
protocol to brute force into any login mechanism/system that requires
a username and password, on a web page (or HTML form).
In simple terms, if you can access an account on the web, by entering
a username and password (or more), then you can brute force into
that account, using this utility.
Brute Forcing is the process of trying various passwords
from a dictionary file (automatically), for a given username, until
the password matches the username.
This method can sometimes be very effective. When you combine the
power of brute forcing, with the functionality of the program, then
you end up with a tool which can be used for breaking into emails,
affiliate programs, web sites, (any web based accounts), launching
DoS attacks, flood emails, flood forms, flood databases and all
that your imagination can extend too! However, you should note that
DoS attacks and flooding activity is not supported or documented
in the documentation. The utility only supports Brute Forcing (documentation
wise). It can be used for other purposes, if you know how to write
the definitions to drive those forces.
Definition Files are files ending in the .def extension, and contain
information about a particular server, and the data to submit to
it. Definition files are typically written by users. They are used
to extend the power and capability of the program, based on your
own definitions. However, the software comes bundled with some definition
files.
|
What
does this software do? |
For those of you who thought Hotmail and Yahoo were unhackable,
think again!
It's a Brute Forcer, which uses the HTTP protocol to establish
its connections. In English, this means the program tries various
passwords for a given username (called brute forcing) and verifies
whether those passwords are correct for the given username within
the HTTP protocol (meaning, via web page connections).
You can hack into any form you see on the Internet, this means
any web based email account like Hotmail, Yahoo, Excite etc… or
even affiliate accounts like AllAdvantage, GoToWorld, LinkExchange,
or even actual Web Sites and many more. Basically, any thing that
can be entered via a HTML form with a password and username, you
would be able to brute force into with my program. The sky is the
limit, it can even be used as a DoS (Denial of Service) program
but I do not encourage such behavior and shall not be held responsible
for your illegal doings.
Ok, so how do I use this thing?
Basically, you must have a password file in order for the program
to attempt, and try to enter the account(s), with the specified
passwords. I included the pass.lst file for a small password list
sample. Typically you would want a larger password files if the
pass.lst doesn't work for you. More passwords files can be located
at The Hackology
Network or directly at http://packetstorm.securify.com/Crackers/wordlists/.
In addition, you must have a definition file for the form you want
to crack into. Now I have written definition files for some forms,
like the hotmail login form and some others. However, if you need
to crack into another server/form, then you would need to write
your own definition file. Writing definition files are explained
later in this document.
|
Some
Unique Features |
A listing of some unique and nice features of this utility.
-
Multi-threaded support, up to 10 threads at once can be run.
Making the speeds very fast across some servers.
-
Hack while you sleep. If you disconnect from the internet,
it automatically reconnects and resumes its processes.
-
Definitions files. Making the software customisable and powerful.
-
Many more, in the Manual.
|
Download |
Download from Hackology
Download
Munga Bunga's HTTP Brute Forcer 1.02 (1.55 MB).
Download from Astalavista Mirror
Download
Munga Bunga's HTTP Brute Forcer 1.02 (1.55 MB).
|
Hyperlink |
Homepage: http://www.hackology.com/
|
|