Hello guys today I want to share with you a simple and effective method for sorting logs, you don't need any cracked software or money.
Requirements:
- Logs from a cloud, for example today I will be using SATANICLOUD logs from private channel.
- Ripgrep
- Files editor
Lets start:
- For finding logs is easy, you can use forums like this and many other resources.
- Ripgrep is a powerful command-line tool that you will need for sorting your data in a efficient and fast way, to download it you can use these commands:
Linux:
Now you can install Ripgrep on Windows using Choco:
- Files editor, there are a lot online, EmEditor for example.
Steps:
- Download as many archived logs you want from the resources you choose / found.
- Extract them all in your preferred path for example / FullLogs
- Use Ripgrep for sorting the data extracted in format: U; L; P
The command you will need to use is this the following:
The command uses "Passwords.txt" because its the most common output from stealers nowadays, anyway you can look through logs and see if the name is different, most used are these below aswell:
You use the same mechanism as above to print the target lines in a new file for example: damagelab_target_lines.txt
Funny part comes now since is very easy, open i.e EmEditor, remove all "https://" and / or" http://", remove android lines and urls with ports aswell because they could mess the file.
Now we can use "cut" to remove the content in the first ':'
For non targeted combolist you do the same without parsing the wanted lines.
My result for combolist non targeted:
Result:
Would be great to hear your feedback below this thread, hope it helped :3
Requirements:
- Logs from a cloud, for example today I will be using SATANICLOUD logs from private channel.
- Ripgrep
- Files editor
Lets start:
- For finding logs is easy, you can use forums like this and many other resources.
- Ripgrep is a powerful command-line tool that you will need for sorting your data in a efficient and fast way, to download it you can use these commands:
Linux:
Windows: is requested a unix based CLI like Git Bash, after installed you will need to install Choco here: https://docs.chocolatey.org/en-us/choco/setup/
Now you can install Ripgrep on Windows using Choco:
Run "rg --version "to see if it actually worked.
- Files editor, there are a lot online, EmEditor for example.
Steps:
- Download as many archived logs you want from the resources you choose / found.
- Extract them all in your preferred path for example / FullLogs
- Use Ripgrep for sorting the data extracted in format: U; L; P
The command you will need to use is this the following:
This command will check for all "Passwords.txt" files contained in the folder where there are the extracted logs, search for the entries and write them in format ULP to file RESULT.txt
The command uses "Passwords.txt" because its the most common output from stealers nowadays, anyway you can look through logs and see if the name is different, most used are these below aswell:
- "All passwords.txt"
- "AllPasswords_list.txt"
- "_AllPasswords_list.txt"
My result below:
How to make combolist? Very simple, for targeted you can use grep or others to search for lines containing specified URL, for example: "damagelab.xyz"
You use the same mechanism as above to print the target lines in a new file for example: damagelab_target_lines.txt
Funny part comes now since is very easy, open i.e EmEditor, remove all "https://" and / or" http://", remove android lines and urls with ports aswell because they could mess the file.
Now we can use "cut" to remove the content in the first ':'
Result:
Since they are stealer logs' lines, is very high the amount of lines with duplicates because of credentials reuse, so run again "sort -u"aumatinaomondi@gmail.comina@2024
milimanishg23@gail.com:ganjala2023
722114532:2568
ndugumwanakaka@gmail.com:2568mike
A011078602I
For non targeted combolist you do the same without parsing the wanted lines.
My result for combolist non targeted:
If you want to keep only lines in format email: pass, use this grep / ripgrep with regex to keep only lines with email.
Result:
Want to check how many unique emails there are in the email: pass? run this:
Would be great to hear your feedback below this thread, hope it helped :3
Последнее редактирование:
