Virus.Org Mailing List Archive
RE: password cracking a web form, tried hydra and brutus

  • To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
  • Subject: RE: password cracking a web form, tried hydra and brutus
  • From: Sasa Jusic <[EMAIL PROTECTED]>
  • Date: Fri, 6 Feb 2004 15:03:52 +0100
Hi,

You can try Curl. It is a great tool and it has an option for submitting data
using the HTTP POST method. As said before, the problem is you're trying to use
HTTP authentication, instead of submitting the data to the form. I think
that SquirrelMail is using the POST method for submitting user data to the
server, so this could be the solution for your problems.

Another important issue in brute-forcing Web logins is the usage of cookies.
Some applications (like Webmin) require you to send the cookie value (which
has been sent in the previous reply from the Web server) as part of your
login request. In this case you must store the cookie value in a separate
file, and then use it in your login request (you can also do it with curl,
switches -c, -b).

Best Regards,

Sasa.
>-----Original Message-----
>From: aRt dE vIvRe [mailto:[EMAIL PROTECTED]
>Sent: 2 February 2004 15:53
>To: [EMAIL PROTECTED]
>Subject: password cracking a web form, tried hydra and brutus
>
>
>hi,
>
>we are conducting a PT for a website. In order to password crack the
>login/password form authentication (which happens to be squirrelmail,
>written in php, looks similar to the login page of yahoo or msn)  I was
>looking for some tools.
>
>I came across Hydra and Brutus. When I tried Brutus on an inhouse dummy
>site, after configuring the parameters the target would automatically
>become <target>redirect.php. I googled but could not find a solution to it.
>
>
>Then I tried hydra with the following command:
># hydra  -l smg -p we2su 192.168.0.3  http /webmail/src/login.php
>
>it resulted as:
>[80][www] host: 192.168.0.2   login: smg   password: we2su
>
>which is a wrong result since I had given the wrong password.
>
>I get the same result for valid or invalid passwords.
>
>Am I doing anything wrong?
>
>Is there any other tool which does what I'm looking for?
>
>Pls. help me with this :)
>
>Regards,
>B'shan
>
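An added example, not part of the original messages: it shows why a status-only check reports the same result for valid and invalid passwords on a form login, and why the cookie from the first reply has to be sent back with the POST. The local mock server, the field names `user`/`pass`, the cookie value and the page texts are all constructed for the demonstration.

```python
import http.cookiejar, threading, urllib.parse, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

USER, PASSWORD = "demo", "correct-horse"   # constructed test account
COOKIE = "sid=constructed"                 # constructed session cookie

class MockLogin(BaseHTTPRequestHandler):
    """Constructed stand-in for a form login page (not SquirrelMail or Webmin)."""
    def _send(self, body, cookie=None):
        self.send_response(200)            # a form page answers 200 either way
        if cookie:
            self.send_header("Set-Cookie", cookie)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def do_GET(self):                      # serving the form hands out the cookie
        self._send(b"<form method=post>...</form>", COOKIE)
    def do_POST(self):
        n = int(self.headers.get("Content-Length", 0))
        form = urllib.parse.parse_qs(self.rfile.read(n).decode())
        if COOKIE not in self.headers.get("Cookie", ""):
            self._send(b"Error: cookies are required")
        elif form.get("user") == [USER] and form.get("pass") == [PASSWORD]:
            self._send(b"Welcome")
        else:
            self._send(b"Login failed")
    def log_message(self, *args): pass     # keep the demo quiet

def attempt(url, user, password, cookies=True):
    """GET the form, then POST one credential pair; return (status, body)."""
    handlers = [urllib.request.HTTPCookieProcessor()] if cookies else []
    opener = urllib.request.build_opener(*handlers)
    opener.open(url).read()                # like curl -c: store the cookie
    data = urllib.parse.urlencode({"user": user, "pass": password}).encode()
    with opener.open(url, data) as resp:   # like curl -b -d: POST it back
        return resp.status, resp.read().decode()

def verdicts(status, body):
    """(status-only check as used for HTTP authentication, form-aware check)."""
    return status != 401, "Welcome" in body

def demo():
    srv = HTTPServer(("127.0.0.1", 0), MockLogin)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    url = f"http://127.0.0.1:{srv.server_port}/login"
    runs = [attempt(url, USER, PASSWORD), attempt(url, USER, "wrong"),
            attempt(url, USER, PASSWORD, cookies=False)]
    srv.shutdown()
    return [verdicts(status, body) for status, body in runs]
```

`demo()` returns one pair per run: the status-only verdict is `True` in all three cases, while the form-aware verdict is `True` only for the correct password sent together with the cookie.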
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.