From: Kroma Pierre (kroma@syss.de)
Date: Mon Jul 12 2004 - 06:51:07 EDT
that's is a problem of brutus. I know the problem! you can attack for example a pop3 or telnet account and you will see, brutus also will said, he found for example a password "aaa" or s.th. else! But if you want to verify it, you will see the passwords are wrong!
use another password cracker! brutus is not reliable enough! (try for example "hydra" from www.thc.org).
hope to help you.
pierre
On Thu, 1 Jul 2004 12:04:04 -0400 (EDT)
Martin S <shurbanm@vuser.vu.union.edu> wrote:
> I am testing a couple of Raptor firewalls (6.1 apparently). And I ran
> Brutus on port 80 just to see what's going to happen using Forms
> authentication. It does pick up 2 successful authentications using (admin
> and backup as logins). However, this cannot be right as first of all it
> picks up different passwords (like aaa or academia on different runs) and
> secondly a web browser session on port 80 comes back with:
> "
> Service Unavailable
> The proxy is currently unable to handle the request due to a (possibly)
> temporary error. Extended error information is:
>
> If this situation persists, please contact your firewall administrator. "
>
> Any ideas?
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:57 EDT