~ Let's investigate password protected sites ~
by Fravia+, March 2000

Let's investigate password protected sites: at times seekers have to find a solution in order to solve some funny 'access' or 'protection' schemes, that are mostly intended to hide knowledge from knowledge seekers. Well, you will soon see how easy it is to disable them...


  1. Get a proxy (NOT in your own country). A good proxy will (try to) hide your real IP address, just in case. There are huge proxies lists out there, find and use them, else use Iefaf's altavista trick and collect good working proxies on your own.
  2. Configure your browser to use the proxy (for this, see detailed instructions elsewhere on my site).
  3. Check that everything works... trusted proxy checkers should say "proxy not detected" (careful, there are some 'trap' proxy checkers out there, used by our enemies to kill proxies).
  4. Set up your password buster of choice: Entry Pro, wwwhack, webcracker, your own, whatever.
  5. "Set up" means, of course, not only uynpacking and running it, but also having the password buster going through your proxy, DO NOT FORGET THIS STEP, mostly option menu and then proxy setup.
  6. Re-build the name list. The one you got with the wwhack distribution is NOT GOOD. It works at times, granted, and you'll be able to enter some 'password protected' sites, but that lists are nevertheless FAR from being really useful.
  7. Simplest lists are just single words, that resolve BOTH to username and to password: fred/fred james/james and so on. Single lists will seldom work. Anyway if you really are going to use simple lists, use -at least- alphanumeric ones like fred34/fred34 or 69porn/69porn.
  8. Combined lists are MUCH more useful and bingo-prone.