From: mjcarter@ihug.co.nz
Date: Wed Sep 14 2005 - 18:47:27 EDT
Hi Karlo,
GFI LANguard version 3.2 and above? does this, you can also
edit the dictionary. http://www.gfi.com/lannetscan/
Mike
www.infosec.co.nz
> *Disclaimer*
> Having been a longtime reader of this list, I understand
> the general (let's call it) "disdain" for those security
> professionals who run nessus/iss/whathaveu scans and
> A)call that a pentest and B) call themselves pentesters (I
> call these people App-jockeys, all click and no think. So
> let me open with the statement that while I do run these
> types of scans as part of my duties as a security engineer
> , I am not a dedicated pen-tester nor do I claim that my
> kung-fu is as adept as many of the VERY educated posters
> here.
>
> Having said that I have a very simple question that has
> been eluding me as of late. What ever happened to the
> evolution of the Windows share scanner/brute force
> utility?
>
> I've done what I consider to be fairly extensive Google
> searching, but have not been able to find a utility that
> fits the following parameters:
>
> Run on windows, scans an IP range for machines with
> accessible netbios shares, and is capable of attempting a
> brute force attempt on these shares, using a wordlist it
> generates on the fly and is configurable to length and
> character content (much like Brutus).
>
> Come to think of it, only application I've found that
> comes close is Brutus, however this tool always sets off
> my AV software and I feel uneasy running any app that
> requires me to disable my AV software (Symantec). Even
> then, I can't seem to get Brutus to work and the
> documentation is less than extensive. The rest of the
> tools I've found are hoplessly outdated (PQwak or Xsharez
> anyone?) and attempt to exploit an ancient vulnerability
> in the way Win9x systems handled authentication. If only
> Rhino9 still coded apps, there was an elegant simplicity
> to those apps...
>
> My guess is the evolution of this slowed ever since more
> and more ISPs started to block netbios traffic from
> getting to their clients, however as many of the big name
> viruses have shown us, netbios can still be a
> soft-underbelly of attack.
>
> Is there something wrong with the Google incantations I'm
> using? I've tried many combinations of: Brute force,
> netbios, share, scanner, smb, and a few others. I can't
> seem to get it right.
>
> I'd appreciate anyones time in bringing me from darkness
> into light on this puzzlement of mine.
>
> Thanks,
>
> Karlo --madmexATmoonstarDOTcom
>
> ----------------------------------------------------------
> -------------------- Audit your website security with
> Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking
> applications on your website. Up to 75% of cyber attacks
> are launched on shopping carts, forms, login pages,
> dynamic content etc. Firewalls, SSL and locked-down
> servers are futile against web application hacking. Check
> your website for vulnerabilities to SQL injection, Cross
> site scripting and other web attacks before hackers do!
> Download Trial at:
>
> nsibility for any damage
> > whatsoever that is caused by viruses being passed. Any views or
> > opinions presented are solely those of the author and do not
> > necessarily represent those of the Barclays Group. Replies to this
> > email may be monitored by the Barclays Group for operational or
> > business reasons.
> >
> > --------------------------------------------------------------
> > ----------
> >
> >
> > --------------------------------------------------------------
> > ----------------
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking applications on
> > your website. Up to 75% of cyber attacks are launched on shopping
> > carts, forms, login pages, dynamic content etc. Firewalls, SSL and
> > locked-down servers are futile against web application hacking.
> > Check your website for vulnerabilities to SQL injection, Cross site
> > scripting and other web attacks before hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
> > --------------------------------------------------------------
> > -----------------