galaxyPass for Windows - Help


Contents

Menus

Help - Display Help
Help - Download galaxyPass Pro
Help - Open the galaxyPass Web Page
Help - Register galaxyPass
Help - About galaxyPass

Controls

Configure
Test
Start
Stop

Options

Request Type
TCP Port
Protected URL
HTTP Referrer
Connections
Timeout
Display Failed Attempts
Log Failed Attempts

Username

Username, Prefix and Suffix

Password

Password, Prefix and Suffix

Other Information

Username/Password Sequence Examples
Trial Mode Limitations
Log Files
Dictionaries and Word Lists



Help - Display Help

Display this Help file in your default browser.


Help - Download galaxyPass Pro

Download a non-expiring trial version of galaxyPass Pro for Windows.
http://www.galaxyTrading.net/download/gpasspro.exe


Help - Open the galaxyPass Web Page

Open the galaxyPass web page in your default browser.
http://www.galaxyTrading.net/galaxypass.jsp


Help - Register galaxyPass

Open the galaxyPass registration web page in your default browser.
http://www.galaxyTrading.net/register/online.jsp


Help - About galaxyPass

Display program information, version number and copyright notices.


Configure

Display the configuration pages.


Test

Test the username & password configuration without connecting to the protected target host.


Start

Start the password recovery operation.


Stop

Stop the currently active test or password recovery operation.


Request Type

HTTP Basic Authentication is the default selection. This is the most common form of web site password protection in use and begins by your browser displaying a standard popup box asking for your username and password when you click on the protected entry page. You may need to right-click on the protected entry page link and select 'Copy Shortcut' to copy this URL into the galaxyPass 'Protected URL' input box. The Professional Edition of galaxyPass also includes FTP and POP3 (e-mail) options.

TCP Port

For HTTP Basic Authentication select port 80. For FTP select port 21. For POP3 select port 110. These are the Internet standard TCP connection ports for these services but you can use alternative ports if you are sure that a site is using them.

Protected URL

Enter the protected entry page URL - e.g. www.anysite.com/members-only/ - or the host name of the target FTP or POP3 mail server, e.g. ftp.anysite.com or pop3.anysite.com.

HTTP Referrer

This is an optional URL that can be passed to tell the target server which page was viewed before the protected page was requested - you may leave this field blank.

Connections

galaxyPass is a high performance multi-threaded application and can open multiple connections to target hosts. This allows you to use as much of your available Internet bandwidth as possible but you can also saturate your connection (or the target host) if you use too many. Experiment until you find a good balance.

Timeout

This is the number of seconds that can elapse before a connection will timeout (give up) when trying to connect to, send data to or receive data from a target host.

Display Failed Attempts

Failed login attempts can be displayed if you wish - successful attempts are always both displayed and logged to disk.

Log Failed Attempts

Failed login attempts can be logged to disk if you wish - successful attempts are always both displayed and logged to disk.

Username, Prefix and Suffix

The Username can consist of up to three components which are then joined together for maximum flexibility - a Prefix, a Username and a Suffix.
Each of these fields can be set to one of three different options:

Static: This is a simple text string, e.g. mr, john, anyth1ng-U-like

Sequence: This is a sequence comprising of one or more of the following characters:

 0-9 loop through 0 to 9
 # loop through 0 to 9 but omit leading zeros
 a-z loop through lowercase a to lowercase z
 A-Z loop through uppercase A to uppercase Z
 @ loop through lowercase a to lowercase z, then uppercase A to uppercase Z
 ! loop through all non-alphanumeric ASCII characters
 * loop through all ASCII characters
 Example: #1 will begin 1,2,3,4,5,6,7,8,9,10,11.. and finish at 99

File: A text file containing a different name or word on each line. You can specify minimum and maximum word lengths to omit words outside that range.

The most popular usernames are simply forenames suffixed with a few digits, e.g. john123.


Password, Prefix and Suffix

The Password can consist of up to three components which are then joined together for maximum flexibility - a Prefix, a Password and a Suffix.
Each of these fields can be set to one of three different options:

Static: This is a simple text string, e.g. password, john, anyth1ng-U-like

Sequence: This is a sequence comprising of one or more of the following characters:

 0-9 loop through 0 to 9
 # loop through 0 to 9 but omit leading zeros
 a-z loop through lowercase a to lowercase z
 A-Z loop through uppercase A to uppercase Z
 @ loop through lowercase a to lowercase z, then uppercase A to uppercase Z
 ! loop through all non-alphanumeric ASCII characters
 * loop through all ASCII characters
 Example: #1 will begin 1,2,3,4,5,6,7,8,9,10,11.. and finish at 99

File: A text file containing a different name or word on each line. You can specify minimum and maximum word lengths to omit words outside that range.

The most common password is 'password'!


Username/Password Sequence Examples

Example 1:

Username Prefix: None Selected
Username: File, male-names.txt, min length = 5, max length = 5
Username Suffix: Sequence, 0
Password Prefix: None Selected
Password: File, common-passwords.txt, min length = 7, max length = 8
Password Suffix: None Selected

The username:password combinations will appear as follows: (Tip: You can use the Test button to check out your combinations)

aaron0:academia
...
aaron0:yosemite
aaron1:academia
...
aaron9:yosemite
abbey0:academia
...
...
zolly9:yosemite


Trial Mode Limitations

Only around 25 username:password combinations can be tried until you register your copy of galaxyPass.


Log Files

Log files are created in the galaxyPass application folder - the default is C:\Program Files\galaxyTrading.net\galaxyPass for Windows\ - and are named YYYYMMDDHHMMSS.txt.

The prefix represents the year, month, day, hour, minute and second when the log file was created.

These files can grow very large so remember to delete them when they are no longer required!


Dictionaries and Word Lists

ftp://ftp.ox.ac.uk/pub/wordlists/
http://wordlists.security-on.net/download.html




Copyright © 2000-2002 galaxyTrading | All Rights Reserved | All Trademarks Acknowledged