Skip to content
Multithreaded account retrieval system for Zero Hedge.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Multithreaded Account Retrieval System

Multithreaded account retrieval system for Zero Hedge.


This program exploits some major deficiencies in the user account protocol of Zero Hedge, a financial news web site, in order to retrieve account information.

Zero Hedge user accounts are given specific identification numbers when they are created. This number system is based on the number of accounts that have been created.

In addition to this, the login form has no form of protection against robots. This allows for retrieval of accounts in order of their creation using a password list.

This program sends login requests to user 0 and increments the user identification number, trying each password in passwords.txt as it goes.

Although the Zero Hedge front-end is wanting in some form of protection against robots, their back-end does have a limit for requests per time, probably for protection against denial-of-service attacks.

To combat this, the program includes a mere pass statement when it encounters a request limit error, giving enough time for the server to begin accepting new requests. This does have the effect of skipping that particular user and password combination, making the account retrieval imperfect. A function for repeating skipped combinations has yet to be implemented.


Change the passwords.txt file to the desired configuration, and use:


You can’t perform that action at this time.