Re: Bruteforce HTTP Basic authentification

From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Wed Aug 17 2005 - 21:13:08 EDT

• Next message: Todd Towles: "RE: Bruteforce HTTP Basic authentification"
• Previous message: michael_black@comcast.net: "Re: MS05-039 Scanner"
• In reply to: nik: "Bruteforce HTTP Basic authentification"
• Next in thread: Todd Towles: "RE: Bruteforce HTTP Basic authentification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Why not just capture the network traffic logon and decode the base64
uname/pwd?

t

----- Original Message -----
From: "nik" <nik@adminzone.ru>
To: <pen-test@securityfocus.com>
Sent: Wednesday, August 17, 2005 2:33 AM
Subject: Bruteforce HTTP Basic authentification

> Hello list!
> I'm doing little pen-test of a web-application for a small company.
> This application uses HTTP Basic autintification. So the question is:
> does any one know some tools (such as brutus) for brutforce usernames
> and passwors for this type of authentification. These tools must run
> under Linux or FreeBSD.
>
> PS. Sorry for my poor English.... I'm from Russia.
>
> With best regards Nik.
>
> ------------------------------------------------------------------------------
> FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
>
> Learn the hacker's secrets that compromise wireless LANs. Secure your
> WLAN by understanding these threats, available hacking tools and proven
> countermeasures. Defend your WLAN against man-in-the-Middle attacks and
> session hijacking, denial-of-service, rogue access points, identity
> thefts and MAC spoofing. Request your complimentary white paper at:
>
> http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
> -------------------------------------------------------------------------------
>
>
>

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

• Next message: Todd Towles: "RE: Bruteforce HTTP Basic authentification"
• Previous message: michael_black@comcast.net: "Re: MS05-039 Scanner"
• In reply to: nik: "Bruteforce HTTP Basic authentification"
• Next in thread: Todd Towles: "RE: Bruteforce HTTP Basic authentification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:45 EDT