Hacking password protected sites ...

   There are many ways to defeat java-script protected websites. Some are very simplistic, such as hitting ctl-alt-delwhen the password box is displayed, to simply turning offjava capability, which will dump you into the default page.You can try manually searching for other directories, bytyping the directory name into the url address box of yourbrowser,ie: you want access to www.target.com . Try typingwww.target.com/images .(almost every web site has an imagesdirectory) This will put you into the images directory,and give you a text list of all the images located there.Often, the title of an image will give you a clue to thename of another directory. ie: in www.target.com/images,there is a .gif named gamestitle.gif . There is a goodchance then, that there is a 'games' directory on the site,so you would then type in www.target.com/games, and if it isa valid directory, you again get a text listing of all thefiles available there.For a more automated approach, use aprogram like WEB SNAKE from anawave, or Web Wacker. Theseprograms will create a mirror image of an entire web site,showing all directories,or even mirror a complete server.They are indispensable for locating hidden files and directories.What do you do if you can't get past an opening "PasswordRequired" box? First do an WHOIS Lookup for the site. In ourexample, www.target.com . We find it's hosted by www.host.comat 100.100.100. 1. We then go to 100.100.100.1, and then launchWeb Snake, and mirror the entire server. Set Web Snake to NOTdownload anything over about 20K. (not many HTML pages arebigger than this) This speeds things up some, and keeps youfrom getting a lot of files and images you don't care about.This can take a long time, so consider running it right before bedtime.Once you have an image of the entire server, you look throughthe directories listed, and find /target. When we open thatdirectory, we find its contents, and all of its sub-directories listed.Let's say we find /target/games/zip/zipindex.html . This would be theindex page that would be displayed had you gone through thepassword procedure, and allowed it to redirect you here.By simply typing in the url www.target.com/games/zip/zipindex.htmlyou will be on the index page and ready to follow the links