From: lists AT dawes DOT za DOT net (@securityfocus.com)
Date: Thu Feb 05 2004 - 12:03:15 EST
Try some of the tools that you'll find here:
http://neworder.box.sk/box.php3?gfx=neworder&prj=neworder&key=wwwcrks
Rogan
aRt dE vIvRe wrote:
> Hi,
>
>
>>The problem is you're trying to use HTTP authentication, instead of
>>submitting the results to the form.
>
>
> Yes, you are right. I tried Accessdriver also, but that also works only
> for HTTP authentication and not for submitting form.
>
>
>>Your better bet is to work something
>>up,
>>in perl most likely (but any tcp-capable language will do), that will
>>submit
>>requests just as would happen if you were to sequentially try various
>>login
>>attempts on their web page.
>
>
> Sorry, but I'm not so good at programming.
> Is there any open source program which does this? I'm looking for such a
> program over a week now, but no luck!
>
>
>>There are also other ways you could poke at it...have you tried SQL
>>injection attacks in either the password or login field?
>
>
> Can you please put some more light on it!
>
> Thanx and Regards,
> b'shan
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------
>
>
---------------------------------------------------------------------------
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:47 EDT