Re: password cracker for PCAnywhere and VNC (RFB 003.008)

From: Sean M. Krause (ARCHONOVERLORD@hotmail.com)
Date: Wed Mar 01 2006 - 22:43:56 EST

• Next message: Martin: "Any medication you will ever need! Privacy guaranteed."
• Previous message: johnny Mnemonic: "PT Report delivery (caveats)"
• In reply to: 3 shool: "password cracker for PCAnywhere and VNC (RFB 003.008)"
• Next in thread: jmk: "Re: password cracker for PCAnywhere and VNC (RFB 003.008)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

HYDRA from THC is a dicionary based password cracker that works on the
following services
  Supported protocols: telnet, ftp, pop3, imap, smb, smbnt, http-head,
http-get, https-head, https-get, http-proxy, cisco, cisco-enable, vnc,
ldap2, ldap3, mssql, mysql oracle-listener, postgres, nntp, socks5, rexec,
rlogin, pcnfs, snmp, rsh, cvs, svn, icq, sapr3, ssh2, smtp-auth, pcanywhere,
teamspeak, sip, vmauthd
SSH2 does not work with the windows version, but can be compiled with LIBSSH
for *nix systems

it can be found at:
http://thc.org/thc-hydra/

----- Original Message -----
From: "3 shool" <3shool@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Wednesday, March 01, 2006 2:08 PM
Subject: password cracker for PCAnywhere and VNC (RFB 003.008)

Hi,

I'm doing a Penetration Test for two servers. Nmap has identified both
the servers as Windows 2003 .Net. Both the servers are running a web
appilication each, 1 is on Lotus Domino and other on IIS 6.0. The
first one looks to be Lotus Domino email server and the other what I
found from its webpage is a Datawarehouse from Cognos (BI system).

Nessus didn't show any vulnerability on these servers. But these
systems have services like VNC and PCAnywhere. So I think Password
Cracking at this stage would be the best idea.

Could anyone suggest a good tool for password cracking following:
1. PCANywhere
2. VNC
3. Website forms (form based authentication using HTTPS)
4. FTP

Await your reply.

Thanks in advance.

------------------------------------------------------------------------------
This List Sponsored by: Lancope

"Discover the Security Benefits of Cisco NetFlow"
Learn how Cisco NetFlow enables cost-effective security across distributed
enterprise networks. StealthWatch, the veteran Network Behavior Analysis
(NBA)
and Response solution, leverages Cisco NetFlow to provide scalable,
internal network security.
Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and
Response
Systems in the Enterprise."

http://www.lancope.com/resource/
------------------------------------------------------------------------------

------------------------------------------------------------------------------
This List Sponsored by: Lancope

"Discover the Security Benefits of Cisco NetFlow"
Learn how Cisco NetFlow enables cost-effective security across distributed
enterprise networks. StealthWatch, the veteran Network Behavior Analysis (NBA)
and Response solution, leverages Cisco NetFlow to provide scalable,
internal network security.
Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and Response
Systems in the Enterprise."

http://www.lancope.com/resource/
------------------------------------------------------------------------------

• Next message: Martin: "Any medication you will ever need! Privacy guaranteed."
• Previous message: johnny Mnemonic: "PT Report delivery (caveats)"
• In reply to: 3 shool: "password cracker for PCAnywhere and VNC (RFB 003.008)"
• Next in thread: jmk: "Re: password cracker for PCAnywhere and VNC (RFB 003.008)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:35 EDT