Re: BruteForcing?

From: Fab (fab@revhosts.net)
Date: Mon Oct 16 2006 - 16:20:43 EDT

• Next message: Florian Osses: "Re: unswitched behavior of a switched network..."
• Previous message: Nicob: "Re: unswitched behavior of a switched network..."
• In reply to: 09sparky@gmail.com: "BruteForcing?"
• Next in thread: Hagen, Eric: "RE: BruteForcing?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

You should try the defaults passwords list :
http://www.phenoelit.de/dpl/dpl.html

and try some Cisco hack tool :
http://packetstormsecurity.org/cisco/
(goods results with Cisco Torch & CGE, but steathless ;-) )

Fab

Le dimanche 15 octobre 2006 à 18:03 +0000, 09sparky@gmail.com a écrit :
> This is more of a general brute forcing question, but one which I could use some assistance.
>
> I am attempting to brute force some telnet sessions (Cisco Routers - CISCO IOS 12.2 and IOS 12.3(8), Cisco 1721 router). When telnet'ing in, it only prompts me for a PW (Not a username). It has a 3 attempts disconnect, so I get disconnected and have to reconnect.
>
> My question is:
> How and what tool should I use to try and brute force (dictionary attack) this session?
> I have tried Hydra, but when I get disconnected (after 3 attempts), it tells me it is "finished". Not sure if there is a way to make it reconnect. Is there a better tool or other techniques that would work better?
>
> Second question: Brute forcing also, but against WebPages. For example, a Cisco 3000 VPN Concentrator, I have the webpage asking for username/password. How would I attempt to dictionary attack this?
>
> Thanks,
> Sparky
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>

-- 
http://www.revhosts.org
PGP KeyID: 1E4AEDAC
Fingerprint : CBFE 4767 481C 3252 9611  A42A 3122 7F40 1E4A EDAC
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Florian Osses: "Re: unswitched behavior of a switched network..."
• Previous message: Nicob: "Re: unswitched behavior of a switched network..."
• In reply to: 09sparky@gmail.com: "BruteForcing?"
• Next in thread: Hagen, Eric: "RE: BruteForcing?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:13 EDT