Re: passw0rd trial limit

From: Zed Qyves (zqyves.spamtrap@gmail.com)
Date: Mon Jun 26 2006 - 03:47:40 EDT


Hello,

I am curious as to how and where this "5 times login" is enforced.

Few implementations I've seen do it client side either with a cookie
or, even worse, a hidden field. Others do it server side on a session
table or other, home made structure.

If the first is the case you are in luck. I don't recall any
bruteforcer tools that actually let you modify the Set-Cookie
directive so you may have to run it through a personal proxy that will
auto manipulate this field - WebProxy, if you can still get hold of it
on the Net since it seems to have disappeared, has a RegEx match and
replace pattern which can come in handy in the above - of course the
bruteforcer needs to have proxy support. If it is a hidden value,
well keep requesting with field value 1 and you should be ok.

If server side user session invalid login attempts storage is used there
is not really anything you can do but try attacking the bruteforcing
problem in a different approach:

pick the most common password in your opinion - I would say 123456 or
654321 - and run it through all the usernames, depending on the size
of the application users' database you are bound to have some hits.

Hope it helps.

ZQyves
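
The message above separates limits kept on the client from limits kept on the server, and notes that a per-account limit does not see one guess made against each of many usernames. The following is an added example, not part of the original post: a server-side counter that enforces the per-account limit and also counts distinct failed usernames per source. The class name, the thresholds and the sample events are assumptions made for illustration.

```python
from collections import defaultdict

MAX_FAILS_PER_ACCOUNT = 5     # the "5 times login" limit discussed in the thread
MAX_ACCOUNTS_PER_SOURCE = 3   # assumed threshold: distinct usernames failed from one source


class LoginGuard:
    """Keeps failure counters on the server; no client-supplied value is consulted."""

    def __init__(self):
        self.fails_by_account = defaultdict(int)
        self.failed_accounts_by_source = defaultdict(set)

    def is_blocked(self, username, source):
        too_many_for_account = self.fails_by_account[username] >= MAX_FAILS_PER_ACCOUNT
        too_many_accounts = len(self.failed_accounts_by_source[source]) >= MAX_ACCOUNTS_PER_SOURCE
        return too_many_for_account or too_many_accounts

    def record(self, username, source, password_ok):
        # Check the limits before looking at the credential result.
        if self.is_blocked(username, source):
            return "blocked"
        if password_ok:
            self.fails_by_account[username] = 0
            return "ok"
        self.fails_by_account[username] += 1
        self.failed_accounts_by_source[source].add(username)
        return "failed"


def replay(events):
    """Feed (username, source, password_ok) tuples through a fresh guard."""
    guard = LoginGuard()
    return [guard.record(*event) for event in events]


# Constructed sample events (documentation-range addresses, made-up usernames).
REPEATED_GUESSES = [("alice", "198.51.100.7", False)] * 6
ONE_GUESS_PER_ACCOUNT = [(u, "203.0.113.9", False) for u in ("bob", "carol", "dave", "erin")]

if __name__ == "__main__":
    print(replay(REPEATED_GUESSES))
    print(replay(ONE_GUESS_PER_ACCOUNT))
```

In the second sample no account ever reaches the per-account limit; only the per-source set of failed usernames stops the sequence.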

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:10 EDT