From: Mister Dookie (misterdookie@gmail.com)
Date: Wed Nov 01 2006 - 12:59:23 EST
Hey Juan B,
Select Pass Mode: Brute Force, then click on "Range". Select the radio
button for "Digits Only" and then set the minimum and maximum range
for password length. There you go!
Regards,
Jason
On 10/31/06, Juan B <juanbabi@yahoo.com> wrote:
> Hi,
>
> I am conducting a pen test for a client of mine.
> in his web server he is using basic authntication
> (base 64)
> I need to issue a brute force attack against his
> authentication scheme.
> I know that the users and password are all numbers.
> foe example the user might be something as:
> 5486
> and the password could be :
>
> 546846533
> The users are limited to 4 numbers and the passwords
> for 8 numbers.
>
> How I can tell brutus or hydra to use only numbers in
> the brute force?
>
> Thanks very much !
>
> Juan
>
>
>
> ____________________________________________________________________________________
> Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates
> (http://voice.yahoo.com)
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:16 EDT