Penetration Testing mailing list archives
Re: Hydra For Windows?
From: "Jason Ross" <algorythm () gmail com>
Date: Tue, 24 Oct 2006 18:09:41 -0400
On 10/23/06, Mister Dookie <misterdookie () gmail com> wrote:
I just want to be able to scan the network to make sure people aren't using the company name or a simple derivation of the company name as their password.
medusa (http://www.foofus.net/jmk/medusa/medusa.html) supports smb brute force, you may be able to use that for this purpose if you connected to administrative shares/etc. (this of course presumes that connecting to the administrative shares is permitted) depending on the number of hosts/passwords you're talking about, it may be simpler/sufficient to just write an automated conn. script using perl | vbscript | wmi and loop through ... -- jason ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Hydra For Windows? Mister Dookie (Oct 24)
- RE: Hydra For Windows? h0W@rD Sh33n (Oct 24)
- RE: Hydra For Windows? kim kihong (Oct 25)
- Re: Hydra For Windows? pand0ra (Oct 24)
- Re: Hydra For Windows? Lee Lawson (Oct 25)
- Re: Hydra For Windows? Jason Ross (Oct 24)
- <Possible follow-ups>
- RE: Hydra For Windows? Dino Dogan (Oct 24)
- Re: Hydra For Windows? DaKahuna (Oct 25)
- Re: Hydra For Windows? Marco Ivaldi (Oct 25)
- RE: Hydra For Windows? h0W@rD Sh33n (Oct 24)