Re: HTTP NTLM password cracker

From: dave@immunitysec.com
Date: Thu May 08 2003 - 13:16:11 EDT

• Next message: R. DuFresne: "Re: Loose source routing for remote host discovery"
• Previous message: S. Rohit: "Re: HTTP NTLM password cracker"
• In reply to: S. Rohit: "Re: HTTP NTLM password cracker"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

SPIKE (http://www.immunitysec.com/) will brute force that for you -
although not terribly quickly. It's a slow protocol.

Dave Aitel
Consulting Manager
Immunity, Inc.

> hi...
>
> try the tool cain and able... it can crack http ntlm plus a few
> others,
> by sniffing the traffic of the network. u can download it from
> http://www.oxid.it/ .... hope it helps.
>
> rohit
>
> ----- Original Message -----
> From: "Gary O'leary-Steele" <garyo@sec-1.com>
> To: <pen-test@securityfocus.com>
> Sent: Thursday, May 08, 2003 11:46 PM
> Subject: HTTP NTLM password cracker
>
>
>> Hi all,
>>
>> Does anyone know of a good HTTP NTLM (not basic auth) brute
> force/dictionary
>> password cracker. I'm trying to gain access to a site which is using
>> FrontPage extensions.
>>
>> /_vti_bin/_vti_aut/author.dll?blah.blah (Auth: NTLM)
>>
>> Regards,
>> Gary
>> Sec-1
>> www.sec-1.com
>>
>>
>> --------------------------------------------------------------------------
> -
>> Did you know that you have VNC running on your network?
>> Your hacker does.
>> Plug your security holes.
>> Download a free 15-day trial of VAM:
>> http://www.securityfocus.com/StillSecure-pen-test
>> --------------------------------------------------------------------------
> --
>>
>>
>
>
>
> ---------------------------------------------------------------------------
> Did you know that you have VNC running on your network?
> Your hacker does.
> Plug your security holes.
> Download a free 15-day trial of VAM:
> http://www.securityfocus.com/StillSecure-pen-test
> ----------------------------------------------------------------------------
>
>

---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

• Next message: R. DuFresne: "Re: Loose source routing for remote host discovery"
• Previous message: S. Rohit: "Re: HTTP NTLM password cracker"
• In reply to: S. Rohit: "Re: HTTP NTLM password cracker"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:32 EDT