Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Data Mining
Uploaded by ntdesweb

Openbullet Guide

advertisement 
CONFIG MAKING
BEGINNER'S
GUIDE TO
OPENBULLET
How to start cracking with
your own configs.
WRITTEN BY AYDEN
THANK YOU
FOR
BUYING!
BEGINNER'S
GUIDE TO
OPENBULLET
Are you a cracker and you want to make your own Configs? Tired
of looking for public non-working configs or buying it from some
config maker each time you need a new one? With BEGINNER'S
GUIDE TO OPENBULLET, you will learn everything you need to
know to make your very own Openbullet configs in 3 chapters,
from beginner to "Advanced" configs, with Tokens, Recaptcha...
You will not have to buy more custom configs anymore; you'll
even be able to start your own Config Service! After reading this
eBook, you'll be able to use Openbullet for basic (And a little
more advanced) config making, and keep achieving even more
difficult challenges by yourself from what you've learned in this
eBook!
01
GATHERING DATA
First of all, we have to gather some data
needed in order to make our config.
Finding a Website
First of all, we want to find a Website to make a config for. If you're reading this, you're probably a firsttimer, so find a Website (Don't choose the same as mine) and open the login page using Google Chrome.
Why Google Chrome?
As you know, Google Chrome has a magical feature known as "Inspect element" That's gonna be our best
friend in the Config Making journey.
Found your website? Cool! I need you to get to the web you want to make the config for, and open
Inspect Element. Then, go to "Network", you should see something like this:
That's what we gonna use to extract our data. The Network Activity in the Network tab should be empty,
if you go to Network and see some data, just wipe it with
Extracting the data we need
For this demonstration, I'm gonna be using a Spanish tech news web called "Xataka". It seems pretty
easy.
First we need to do (keep the network tab open!), is to type whatever in the login and password box, and
try to login. You'll notice the Network tab will update and show you some things. We are looking for
something called "login" or similar (auth, logon, etc)
Now, how do you prepare to make your config it's up to you. Some people just copy and paste all they need in a
Notepad and then starts the config, I prefer to paste directly to Openbullet.
I'll show you now what data we need to gather so get your Notepad ready
NOTE: All the steps have to be done in the login thing from the Network tab. Unless I say so, don't move from
there when doing the next steps.
Request URL
The request URL is the URL that makes the login request, so we will need to paste that in Openbullet.
This URL is always the first thing that shows up in the General section. Copy and paste that URL.
Origin and Referer
Just scroll down a little bit, you will find that in the "Request Headers" section. This is not always needed
but I like to include that, just in case.
Form Data
Scroll down, this is found at the bottom of the page. You'll see the username and password you wrote
before to make the login request show up in the Network tab. This is the code that sends the login data
to the request URL, that means Openbullet needs that code and replace login data with your custom
user:pass . Find the Form Data, click "View Source" and copy it.
If you see some more data here, like token, csrf or something. Please, change the website you're going to make the config. I will teach you how to make
configs for these type of pages, I promise, but that's 2 chapters ahead!
and that's all
NOW LET'S
GET TO
OPENBULLET
02
BASIC CONFIG
MAKING
Now it's the time to use Openbullet!
Openbullet
We gathered all the data we need to make our config! Now it's the time. Run Openbullet, and go to
"Configs", and then click "New", name it whatever and click "Accept"
On the left side, we can see our Current Stack, there is where the config will be made.
On the right side, we can see a Debugger. There, we can check quickly if our config is working well, we
can insert a working account there to check it, and extract data from the Log or HTML View. Also, in the
"Data" tab we can see what response is giving the config (Success, Ban, Fail, Free, Custom) and the
capture or parsing we set up. For example:
First we need to do is to hit that "+" button located in our Current Stack (left side) and create a Request
block. There we will have to paste all the data we've gathered before.
You need to paste the Request URL in the "URL" box, the "Form Data" source in "POST Data" and the
Origin and Referer in Custom Headers
In "Method" (Below URL) select POST.
It should look like this:
In POST Data, we have to change the credentials we tried to login before (mailcheck@gmaill.com
:passcheck in my case) and replace it with <USER> <PASS>, so Openbullet will replace it with the user
and pass we want to try on.
Check! We got it all. Now, let's try if it's working. Type some random data (user:pass) in Debugger, select
"HTML View" tab and hit "Start"
Tip: SBS (Next to the start button) means "Step by Step", so if we select that and press Start, Openbullet
will execute every block you created and stop between each one, so you can check output for every
block you've created. Can be helpful, for example, if config stopped working and you don't know why.
It's working! Obviously we typed some random data so it shows "Bad credentials", but it's working..
We always need to check that, as there are some Bypasses as Akamai that can show up instead and
make the config pretty impossible to do. I won't be explaining how to bypass securities like Akamai, as it
would probably need an independent course.
Now that we know there are no problems, we need to make the config detect the working accounts and
the bad ones. We will need the HTML Output for it.
Go back to the left side of your screen, press "+" and create a new block called "Key Check"
Got it! Now press that "+" next to "Keychains" twice. We need to create one check for a Success account,
and one for a bad one. Set one as type "Success" and another one as "Failure" Also, create a Key for each
one, pressing the "+" next to "Keys"
Now we need to get back to the HTML View from the Debugger and check the output after checking a
bad account. In my case the response it gave to me was "{"result":"failure","msg":"Bad credentials."}"
So, we copy and paste that in the "Failure" Key Check. So if it Contains {"result":"failure","msg":"Bad
credentials."}, Openbullet will set the checked account as "Fail", and the account will move to "Bad" type.
We can change that "Contains" to "DoesNotContain" "GreaterThan" etc. Just select what's better for you.
Go back to Debugger, but now check an actually working account.
Working! Get some text that you know it will NOT appear if the credentials are wrong, in my case
{"result":"success", and paste in the "Success" Keychain.
If we want to, we can also add another Keychain for "Custom" or "Free" hits, it works the same way I just
showed you for "Success" and "Fail"
Hey, are you still there? You actually finished your first config! Congratulations! Just, before you start
cracking from the Runner, check it one more time from your Debugger. This time from the "Data" Tab.
If you did it the right way, the output should be "Bot Status: SUCCESS" if you check a working account, or
"Bot Status: FAIL" if you check a wrong one. If it's showing up as it should be, your config is ready to go.
Yay! It's working. Save you config (Important step there)
Finish up your config navigating to "Other Options" and set the basic stuff (Name, author, suggested
bots, needs proxies...)
How many bots should you set? Does it need proxies? You only can know testing your config. Test with
50, 100, 150 etc Bots and check what suits better. Also, to know if you need to use proxies or not, try
your config in the Runner without proxies. If it stops working after some checks, it needs proxies.
As you can see, our config is
working perfectly
03
"ADVANCED"
CONFIG
MAKING
Now you'll learn a little more advanced
things. Capture, Parsing Tokens,
Recaptcha. This is not really a
ADVANCED guide (I will not teach you
coding and stuff), it is all you need to
make a config for almost every web you
want.
Capture
First things first, we are going to learn how to make capture for your config. I'm gonna make capture for
some random config I made, but I suggest you to resume the config you did with this eBook and add
some capture!
First of all, login to the site and go to the URL where the data you want to capture is found.
For example, I did a config for "ayoa.com", and I want to capture the Account Type. This data can be
found in "https://account.ayoa.com/business"
Go back to your Current Stack in Openbullet, press the "+" and add a new block called "Request".
Paste the link with the capture (https://account.ayoa.com/business), but don't select POST as Method,
select GET this time. This will NOT send any request, only will gather the web source.
Now, go to Debugger and hit Start with a working account so Openbullet logs in into the account and
loads the capture link, and open the "Log" tab. You'll see a bunch of code there.
You'll notice there is a search box below. We want to capture the Account Type, so I'll search "Account",
and navigate using the arrows on the right side until I find something related to the account type.
We found "accountType":"FREE" That's what we were looking for. Don't lose it, copy it just in case and
create another block in your current stack. This time the block you need to create is "Parse". This will
show up:
Check "Is Capture" (As we want it to be capture) and set a name for it. In my case, I named it "Account
Type", as that's what i'm going to capture.
Below that, you'll see "Left String" and "Right String" if you selected LR mode. This is the most important
part of the capture. Left string is the text on the left side (Before the text we want to capture) and Right
string, the text on the right side (After the text we want to capture). For example, we want to capture that
Account Type and we just found ,"accountType":"FREE","
,"accountType":"FREE","
Left String
Right String
What we want to capture (in between of L and R string)
"accountType":" is the Left String, and the right string, we only need to put the first character after the
text we want to capture, so Right String is just "
NOTE: That's only LR mode, but that is the one you gonna use the most. Depending on the website, you can
also select JSON for example, and type the Field Name of what you want to capture.
The final result should look like this:
Done! Check the config in Debugger (Data tab) and check if it captures what we want.
NOTE: If you want to capture more than one thing that are in between the same string, select
"Recursive" below LR Strings.
Parsing Tokens
Sometimes when you are making a config, you can notice something weird in the Form Data (POST Data).
If it's a regular web, you are probably expecting something like this
{"email":"<USER>","password":"<PASS>"}
That's pretty easy, yeah. But what if...
csrf_token=6261092e0dc79d245b5430875d1f8cb278db71a6&referer=&login=usercheck&passwo
rd=passcheck&remember=on
You're fine with that remember=tron, username and stuff but what's going on with that csrf token with
that random numbers?
That's a token that randomly generates each time you visit the web, and you need the right token to
succesfuly send the login request. I'm gonna teach you how to do find, it's very simple! You learned
pretty much everything needed from the Capture tutorial!
Find some web with some Token. I'll be using Sexlikereal, that haves a csrf token.
First of all, create a new Request block, and paste the login URL in the URL field. You need the BROWSER
LOGIN URL, not the Request URL!
Select GET method and run the Debugger to load the URL source.
We can see the token request is "csrf_token=...", so we need to look for CSRF in the Log tab.
Once you found it, you'll need to select your Left and Right String. content=" can be frequent, so I will
select more text for the left string
<meta name="csrf-token" content=" (Left String)
" (Right String)
Add a new Parse block and put the L and R string you just found. This time don't select "Is Capture". We
only want it to find and parse the text, not to make it output as capture.
In Var/Cap Name, put whatever you want. Something easy, if it's csrf I just type csrf.
We just created a new Variable. That means now <csrf> exists, and if we type that in POST Data after
csrf_token=, Openbullet will parse the CSRF and replace <csrf> for the actual Token.
So, now our POST Data looks like this:
csrf_token=<csrf>&referer=&login=<USER>&password=<PASS>&remember=on
If you did it right, you should see the CSRF in the Data tab.
Finished! You can continue your config normally.
CloudFlare
This part won't take me much as it's ridiculously easy, I just add this part in case you're blind or
something.
When you want to make a config for a CloudFlare protected web, there's a block called "Bypass CF". Just
add the block, and paste the link you want to access, that's all.
The most important, the User Agent MUST be the same in the Bypass CF block and in all Request blocks.
The bypass is not going to work if you miss that..
And you succesfully bypassed CloudFlare. Sometimes it can give you error in the Debugger, just retry
a few times, it will work.
ReCaptcha
This is easy af too, but I don't really recommend it. Bypassing ReCaptcha can be expensive as you'll
need a AntiCaptcha API Key with balance on it. If you want to check fully unchecked 100k combo it
will be expensive af for you. I suggest trying to bypass that manually, making the config with the
site's API that doesn't have ReCaptcha, for example.
But still, i'm gonna teach you briefly how to add ReCaptcha to a config:
SexLikeReal's Form Data looks like this:
csrf_token=<csrf>&referer=&login=<USER>&password=
<PASS>&remember=on&recaptcha=03AOLTBLT_eL8Qpp8WueZBCmg980AlJ3C4oLdmFwJRRH3Y5KGuENqA-bsWgCojzvinmI7idULcbJ8JjkM07vM1aXZ0gWucx7MqYUR5eMnpDUHbT6XEbUW6S5uST_lcV_wNjaQCc2z2stDCtujyi4_fOC194s9cH_wyg1WRU2O6mw9pjSGrLMu94F4CpUUs4v36tb2e3NwwYHrV_ExoQKGHjXuS4fcGOgKPKWotOJLeJ0LRfgcs_bZfh
F5Dd_sHvPO455A2oJf26hqW6HZSEbWkXo8Z1kn0OmQ2-cHBZGDFO7b0vjH3Y6flHkAakIYSSByiMct7tI4de1hn43k-3zY4SN1aA3ND846cKd4799hrwcgEOSxEjBLA8mfOJ8CAQy7SYLI13UQGZLleKUVdCZJ9LLw3AfZdi599H8uC9p5nrUgY7885EBl6viio_GW0Ck_c13ui5xlluU3v
tBcgBF-cFpoUQpxOa267EByL6CdzrgjQ0q6M
Yeah, another long randomly generated number.
Create a ReCaptcha block. It looks like this:
In Variable Name, just name your variable. I like to name it RECAP, but that's up to you.
Page URL: Obviously the URL you want to access
Sitekey: We need to find this in the web source. Same way as finding a Token, get to the source code
from the Debugger Log (GET Request to login page, you can see Source Code directly from Google
Chrome tho) and search for "Recaptcha"
That long key is the Sitekey we were looking for. Each site has his own Sitekey, it doesn't change or
generate randomly so don't worry. Copy that code and paste it in Sitekey. You are good to go.
The final result should look like this:
Yes, there's a "Auto Sitekey" option, I don't know if it works correctly, I do it manually every time just in
case
Now, we have to edit the POST Data, and replace the Recaptcha key with ReCaptcha variable name,
RECAP, in my case.
csrf_token=<csrf>&referer=&login=<USER>&password=<PASS>&remember=on&recaptcha=
<RECAP>
Position the block before the login Request and you are good to go.
Extra: HTTP Debugger Pro
If you really get into config making, you may need HTTP Debugger Pro. This software captures all the
HTTP Requests, so basically does the same as Google Chrome Network tab, but it can find hidden APIs,
or you can use it, for example, if you don't want to make a config for a browser request, but you want to
make it for a game launcher. Turn it on, and it will start getting all requests.
BEGGINER'S GUIDE TO OPENBULLET
THANK YOU
FOR BUYING
Wish you a great journey in config
making!
Related documents
Lab e- config
Lab e- config
AD0-E134 Adobe Experience Manager Developer Exam
AD0-E134 Adobe Experience Manager Developer Exam
Download
advertisement