SV: thc-pptp-bruter problem?

From: Carl-Johan Bostorp (carl-johan.bostorp@hps.se)
Date: Tue Feb 14 2006 - 04:01:38 EST

• Next message: Marc Maiffret: "RE: Qualys"
• Previous message: Cedric Blancher: "Re: local proxy udp 53"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Yes, I tested it against a WatchGuard Firebox 700 about 4 months ago and as for you, it failed. Unless I'm confusing things with ssh2 now (which also failed against OpenSSH 3.8.1p1), I traced it down in the source to a segment of code (it landed there for some reason, and then got stuck) but my work kind of stopped there as I found the code hard to understand (and that in turn may be 'cause I don't know much about the workings of PPTP). At that time I thought it would be easier to build my own PPTP-bruter the day I needed it, borrowing code from pptpconfig.

Nice to know it does work against MS Windows though :)

/C-J

-----Ursprungligt meddelande-----
Från: Marco Ivaldi [mailto:raptor@0xdeadbeef.info]
Skickat: den 13 februari 2006 11:29
Till: pen-test@securityfocus.com
Ämne: thc-pptp-bruter problem?

Hey pen-testers,

Since i wasn't able to directly email people at thc.org [1], i'm writing here. Just wanted to share some kinda weird problems i'm currently experiencing with thc-pptp-bruter v0.1.4.

It seems to work flawlessly against Windows:

# cat test | thc-pptp-bruter x.x.x.x
Hostname 'xxx', Vendor 'Microsoft Windows NT', Firmware: 2195
5 passwords tested in 0h 00m 00s (5.00 5.00 c/s)
9 passwords tested in 0h 00m 02s (1.82 4.50 c/s) [...]

But at least against Cisco VPN 3000 Concentrator and WatchGuard it presents the following behaviour:

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Marc Maiffret: "RE: Qualys"
• Previous message: Cedric Blancher: "Re: local proxy udp 53"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:31 EDT