Sign in to follow this  
Followers 0
Sherubinsky

Help Sentry Configuration (reCaptcha)

5 posts in this topic

Hi ,I am new in the cracking world.I have try to learn but no success for me .I just need to test exemple

https://fr.sendinblue.com/users/login/

How do i crack this site it as recaptcha?

If its possible how do i set the config and to be honest i am in need of SMTP and VPS for the sending and the hosting file.

Thanks.

Edited by Sherubinsky
0

Share this post


Link to post
Share on other sites
7 hours ago, Sherubinsky said:

Hi ,I am new in the cracking world.I have try to learn but no success for me .I just need to test exemple

https://fr.sendinblue.com/users/login/

How do i crack this site it as recaptcha?

 

Recaptcha appears after 2 attempts at a minimum ( with a good proxy sure.... )

it's not a really problem for the config ..........

 

:08Basic: there is No captcha 2 bots after ---------->    Screenshot_2.png.dacef99d4786d056d6136c4ca17b039f.png

 

Config setting ( just a generic example ) :

Screenshot_1.png.d77a5c7561a9be0ae49a563a23b88191.png

From the old Sentry Manual :

Now i will discuss this one with greater detail since you really need to understand how MBA proxy engine works in order to get the maximum performance from MBA.
In MBA a proxy can have three status:
1) Active -> the proxy is being used by bruteforcer.
2) Disabled -> the proxy is not being used by the bruteforcer, but its status will be changed to Active when the number of active proxies becomes less than the number set in the box named "Reactivate All Proxies When Active Proxies Equals".
3) Banned -> the proxy is not being used by the bruteforcer and its status will be changed to Active only after Waiting Window activation IF the proxy has tested successfully at least one combo.

When a proxy is disabled?
A proxy is disabled when it generates a HTTP/socket error. A HTTP error can be a 404 - Not Found error or a 5xx error (server error) for example. A socket error is a TCP connection error like a connection refused or a connection timed out error (these errors are reported anyway as 404 errors even if they don't occur over HTTP). Moreover a proxy is disabled if it generates an error in the bot engine, like a 404 - Incomplete Form error or a 404 - Incomplete Source error.

When a proxy is banned?
A proxy can be banned for 3 reasons in MBA:
1) MBA recognizes the proxy as bad proxy, i.e. the proxy ignores the connection request to the site under attack and gives a fake answer.
2) MBA recognizes that the proxy has been banned by the site under attack: such proxy will be banned since it will not be able to authenticate successfully until it is unbanned by the site.
3) MBA recognizes the proxy as dead/too slow proxy.

Bad Proxies
The proxies in case 1) will be recognized as bad thanx to the AfterFingerPrinting engine: when after an attempt no keys are found on the answer (so the combo could be good or bad), MBA retries the same proxy with a random generated combo: if on the new answer a failure key is found, then the AfterFingerPrint succeded, otherwise the proxy is banned and the original combo is retried with another proxy.
Of course also proxies n case 2) will be banned by the AfterFingerPrinting engine, but case 2) proxies can be taken care of with good ban keys, avoiding the AfterFingerPrint engine activation. Other proxies recognized as bad proxies are the ones which return a 407 code, a 401 code on form sites, a 403 code or a 305 code.

Proxies banned by the site under attack
Proxies in case 2) as already said have to be recognized by configuring properly headers and/or source ban keys by analazying the responses given by the site upon banning an IP.

Dead Proxies
For each proxy in the list, MBA stores two numbers: the number of combo successfully tested (i.e. combo marked as bad, good, redirect or to check) and the number of retries.
Let's call the first number Combo_Tested and the second number Retries. First we must understand what a retry is. A proxy generates a retry for two reasons:
1) The proxy generates an error, i.e. one of the errors i mentioned when i talked about the proxies disabled.
2) The combo being tested by the proxy triggers a retry keyword match. As we'll see in the keywords section of this tutorial, we can have three types of retry keywords: Bad Proxy Reply, Bad OCR Code and finally Normal Retry. When you define a retry keyword (on header or source), by default the keyword is a Bad Proxy Reply retry keyword type, this means that when a match is found with such key, the retry is considered generated by a proxy error. An example of such rerty key would be "DNS Error". So when such retry is generated, it will increase the number Retries.
For each proxy MBA will compute the ratio:
Banned_Ratio = Retries/Combo_Tested
If this ratio becomes greater or equal than the ratio defined in the box "Ban the proxy if the ratio...", then the proxy will be banned.
Let's make an example:
We have a dead proxy which generates only 404 errors. We have set the ratio to 4. Now since for the proxy Combo_Tested = 0, Banned_Ratio would be inf. But MBA computes Banned_Ratio as Retries until Combo_Tested = 0, so when Retries = 4, the proxy will be banned. This means that all dead proxies you have in the list will be banned after they generated a number of retries equal to the set ratio. So after some time, the proxy list will be cleaned off, i.e. only alive proxies will be used.
Let's make another example:
we have an alive proxy for which Combo_Tested = 4 and Retries = 0. Now the proxy suddenly bans your ip and starts giving 403 codes. When the retries of the proxy will reach 16, the proxy will be banned, since 16/4 = 4, i.e. the ratio we set in this example.

Ok, now we know when a proxy is disabled and/or banned, so we can understand what each setting does.

Banning and Reactivation
Reactivate all proxies when...
This one let you reactivate all disabled proxies when the number of active proxies becomes less or equal than the number set here. Lower the number, greater the speed you'll reach, since MBA will keep active only the faster proxies. Anyway by configuring a number too low, you can cause proxies to be banned faster, since the fastest proxies will keep trying at increasing rate. On sites that ban proxies very quickly, you should set this number equal to zero: in this way proxies are not disabled and at each istant you will have the maximum number of active proxies. So the achieved speed will be lower, but the total combo tested will be greater.

Ban a proxy if the ratio between...
This is the ratio I talked about before. If you set this number equal to zero, you disable this feature, i.e. you will have a Sentry NO MBA behaviour; this means that the dead/too slow proxies will not be banned.
Update: I forgot to add that when this ratio is set to a number greater than zero, i.e. this function is enabled, then MBA for each proxy wait that the number of attempts becomes equal to this ratio. Only after this condition is met, then the proxy will be disabled if it generates an error. In this way MBA will reactivate only good proxies.
Example:
A proxy get a 404 - Timeout error and ratio is set to 4. For this proxy we have:
Combo_Tested = 0 and Retries = 1
Proxy will not be disabled since number of attempts = 1 (0+1).
Example:
A proxy get a 404 - Timeout error and ratio is set to 4. For this proxy we have:
Combo_Tested = 0 and Retries = 4
Proxy will be banned since number of attempts = 4 (0+4) and ratio is equal to the set one.
Example:
A proxy get a 404 - Timeout error and ratio is set to 4. For this proxy we have:
Combo_Tested = 3 and Retries = 1
Proxy will be disabled since number of attempts = 4 (3+1) and ratio is less than the set one.
So it's normal that at the start of a bruteforcing session, number of proxies disabled will be zero.

Ban a proxy if the number of combo tested...
Some sites upon banning a proxy, do not give a ban response: instead they give always a failure response regardless of the combo. Keeping active such proxies would mean marking good combo as bad. If we know for such sites number of the login attempts after which the proxy is banned, we should enter that number here.

Waiting Window
What can we do when all proxies are banned? Well most sites ban proxies for a certain amount of time, i.e. 5 minutes, 30 minutes, 1 hour...So if we test such sites and then set this time in waiting window,we can go out eating a pizza..meanwhile bruteforcing will proceed without user intervention. In fact, when all proxies are banned, waiting window will be activated: this means that MBA will wait amount of time set in Waiting Window before reactivating bruteforcing engine. Upon reactivation, if we have set correctly the waiting window time interval, most proxies will be unbanned and bruteforcing will resume at maximum speed. Take note that after the waiting window only proxies that have tested at least 1 combo will be unbanned, so dead and bad proxies will not be reactivated.

Banning Window
The Waiting Winodw is normally ativated only after all proxies have been banned. But in most cases, the last proxies that remain active in the bruteforcer are the slower ones, so this means two things:
1) The speed of the engine becomes really low.
2) It would take some time for these proxies to be banned.
So the waiting window activation would take some time in these cases and moreover the number of combo tested in this time would be really low. It is opportune then to ban all proxies in order to force waiting window activation. This is banning window purpouse. We have three settings and i think there's no need to explain them.

 

Screenshot_3.png.bf4bbc192e476691f061b2a0f4651c38.png

Edited by jankko60
2

Share this post


Link to post
Share on other sites

Thanks for this very instructive help .Then i will need good proxies and a working combo list .

Lets try it !

0

Share this post


Link to post
Share on other sites
Staff

Nice answer by @jankko60
Otherwise, U can check if the site have an API version to bypass REcaptcha problem. 

1

Share this post


Link to post
Share on other sites
2 hours ago, demiurgo said:

@jankko60
Otherwise, U can check if the site have an API version to bypass REcaptcha problem. 

Thank u   demiurgo  

I'm not familiar with Api config yet....... i will study a.s.a.p.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0