does bruteforce work on roblox?

Join Date: 2012-06-02
Post Count: 69

#188700227Saturday, May 07, 2016 2:06 AM GMT

how secure is roblox? on that topic of hacking. dictionary attacks/brute forcing, ik you can do it on facebook, gmail, wifi pass, routers, etc. but does it work on roblox? how secure is roblox exactly?

AggressiveCatch

Join Date: 2011-07-17
Post Count: 16525

#188700336Saturday, May 07, 2016 2:08 AM GMT

what do you mean does it work on roblox? you can crack any pass with bruteforce if the pass is simple enough, the website doesn't really matter

cntkillme

Join Date: 2008-04-07
Post Count: 49450

#188700412Saturday, May 07, 2016 2:10 AM GMT

There's capatcha IIRC so it'd probably be much harder. You'd probably be throttled if not blocked. Test it.

zizi999

Join Date: 2012-06-02
Post Count: 69

#188700474Saturday, May 07, 2016 2:11 AM GMT

like i mean will it allow through the captcha?? cus if you know much about it, 3rd party programs like hydra or brusta will give u it, but can it leave out the captcha? sry if im confusing

AggressiveCatch

Join Date: 2011-07-17
Post Count: 16525

#188700514Saturday, May 07, 2016 2:12 AM GMT

doesn't facebook/gmail/basically everything else have throttles/limits to how many times u can try to login to an acc?

Qorm

Join Date: 2010-07-25
Post Count: 1650

#188700598Saturday, May 07, 2016 2:13 AM GMT

use proxies and you wont get a captcha, my friend did this with sentrymba and thats what he did

zizi999

Join Date: 2012-06-02
Post Count: 69

#188700684Saturday, May 07, 2016 2:15 AM GMT

if ur in proxy how does that remove the captcha?

cntkillme

Join Date: 2008-04-07
Post Count: 49450

#188700691Saturday, May 07, 2016 2:15 AM GMT

I'm sure you still will get captcha, I'd imagine they count how many login attempts there have been since a successful one as well.

zizi999

Join Date: 2012-06-02
Post Count: 69

#188700729Saturday, May 07, 2016 2:16 AM GMT

ye it does, but expensive brute forcers try the pass without really refreshing the page. so it just sees if pass fits in, doesnt refresh page

zizi999

Join Date: 2012-06-02
Post Count: 69

#188700762Saturday, May 07, 2016 2:16 AM GMT

what if you have a good brute forcer and every 5 attempts it creates a new server. and 5 more ones and deltetes the old one, that way captcha wont get to u

Qorm

Join Date: 2010-07-25
Post Count: 1650

#188701581Saturday, May 07, 2016 2:33 AM GMT

you know what a proxy does right

cntkillme

Join Date: 2008-04-07
Post Count: 49450

#188701611Saturday, May 07, 2016 2:34 AM GMT

zizi do you even know what you're talking about? Reread my post lmao

badgraphix

Join Date: 2007-11-26
Post Count: 22800

#188702148Saturday, May 07, 2016 2:44 AM GMT

You guys talk about how they can just change IPs before the CAPTCHA pops up, but honestly it'd be much more secure if it just worked on a by-account basis. Basically, if there are 3 unsuccessful login attempts to BADGRAPHIX, it'd show a CAPTCHA for every future login attempt no matter the IP (or a timeout maybe). Restricting it to an IP seems like a bad way of creating a security wall since any hacker worth their salt won't stay on one. This defeats the CAPTCHA's purpose and only makes it harder for the regular users. Pretty sure I was bruteforced recently btw. My account got compromised and I can't really see any other way he could've gotten in. ROBLOX needs to improve their security.

ColonySimulator

Join Date: 2015-07-05
Post Count: 1721

#188702166Saturday, May 07, 2016 2:44 AM GMT

actually refreshing a page could be a good idea for fighting against limits ,if you think about it,because you could alter the throttle , eventhough it would make it really slower because of the internet connection of the owner, it could wait until the page is loaded using an app in vbs. (but it would make the bruteforce really slow, but you could use a dictionnary attack instead, which would reduce your time of wait for each process)

ScriptingRevolution

Join Date: 2015-09-19
Post Count: 528

#188705240Saturday, May 07, 2016 3:39 AM GMT

I works just use alot of proxys there was a post on v3rmill about this,

jody7777

Join Date: 2009-02-22
Post Count: 1343

#188707821Saturday, May 07, 2016 4:36 AM GMT

captchaed and im pretty sure if you mass login into one account, automatic captchas wil be deployed + other defensives FOR THE CAUSE

zizi999

Join Date: 2012-06-02
Post Count: 69

#188711602Saturday, May 07, 2016 6:42 AM GMT

if he really did bruteforce into ur acc, u got weak pass, or he uses a expensive brute forcer. one that probly is faster and can SOME HOW skip the captcha, thats how i see it. i always thought roblox security was advanced, i did get brute forced once. im pretty sure it is possible, so im asking ur opinions.

zizi999

Join Date: 2012-06-02
Post Count: 69

#188711700Saturday, May 07, 2016 6:47 AM GMT

i also know you can bruteforce or dictionary attack into routers and other logins that are weak and mby dont even have captchas, those are easy to hack into. but from all ive researched, all ive read, theres practically no way to brute force into a advanced system like roblox etc., atleast from my knowledge. (im very new to this concept) like many ppl said here, you can use several proxies

Qorm

Join Date: 2010-07-25
Post Count: 1650

#188724407Saturday, May 07, 2016 2:11 PM GMT

cringe

jody7777

Join Date: 2009-02-22
Post Count: 1343

#188773759Sunday, May 08, 2016 4:18 AM GMT

"skip captcha" .... I HEREBY SHALL BE RESTRAINED BY NOW CAPTCHAS!!!! /s FOR THE CAUSE

LegendaryAccount

Join Date: 2010-06-02
Post Count: 13193

#188775154Sunday, May 08, 2016 4:53 AM GMT

Awhile ago roblox had it that you can do 3 wrong then log into a real account would set the count back to 0 which would let bruteforce be possible but roblox patched that. I don't know how capachas work but I believe its another parameter passed through the login api which would be impossible to bypass.

Belleq

Join Date: 2014-06-05
Post Count: 21703

#188775401Sunday, May 08, 2016 5:00 AM GMT

Erm...