Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


RE: password cracking a web form, tried hydra and brutus
.

  • To: "Rob Shein" <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
  • Subject: RE: password cracking a web form, tried hydra and brutus
  • From: "aRt dE vIvRe" <[EMAIL PROTECTED]>
  • Date: Thu, 5 Feb 2004 15:48:00 +0530 (IST)
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
.
 
Hi,

> The problem is you're trying to use HTTP authentication, instead of
> submitting the results to the form.

Yes, you are right. I tried Accessdriver also, but that also works only
for HTTP authentication and not for submitting form.

> Your better bet is to work something
> up,
> in perl most likely (but any tcp-capable language will do), that will
> submit
> requests just as would happen if you were to sequentially try various
> login
> attempts on their web page.

Sorry, but I'm not so good at programming.
Is there any open source program which does this? I'm looking for such a
program over a week now, but no luck!

> There are also other ways you could poke at it...have you tried SQL
> injection attacks in either the password or login field?

Can you please put some more light on it!

Thanx and Regards,
b'shan


---------------------------------------------------------------------------
----------------------------------------------------------------------------
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.