Penetration Testing mailing list archives

Re: Brute force web/ftp/telnet tool

From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Wed, 12 Sep 2001 16:57:33 -0400 (EDT)

On Wed, 12 Sep 2001, Craig Duerr (Anaheim) wrote:

Can anyone recommend a brute force password tool for use with a web
page, ftp or telnet account? I would like to demonstrate to my
developers the amount of time it takes to get into a system with weak
passwords and zero logging.


people have modified this in the past to work with other login mechanisms:

http://www.crimelabs.net/docs/sshd1-logging.txt

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Brute force web/ftp/telnet tool Craig Duerr (Anaheim) (Sep 12)
- Re: Brute force web/ftp/telnet tool Josha Bronson (Sep 12)
- Re: Brute force web/ftp/telnet tool Jose Nazario (Sep 12)
- Re: Brute force web/ftp/telnet tool José J. Cintrón (Sep 12)
- <Possible follow-ups>
- Re: Brute force web/ftp/telnet tool JAnsari (Sep 12)
  - Re: Brute force web/ftp/telnet tool Meritt James (Sep 13)