Security Basics mailing list archives
Re: Question on Tsgrinder and Hydra
From: security <security () xentek net>
Date: Wed, 6 Sep 2006 17:42:34 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1I'd throw -l Administrator at it, and other common account names. Or use your preexisting knowledge of the environment and throw a none good user at it.
- -em On Sep 6, 2006, at 3:17 AM, barcajax () gmail com wrote:
I have been tasked with demonstrating how trivial it is to brute force a server running VNC and Terminal Services.I have a wordlist that will be used by both tools.Tried both GUI and CLI versions of Hydra by specifying the protocol (VNC), password file and IP. I have a problem as Hydra keeps prompting me to include the -l switch to include a username to brute force. VNC does not have a user so can someone please tell me what I'm missing in this picture?I used Tsgrinder against Terminal Services and it worked like a charm. My only question is, does it have a switch to control brute force attempt timing like Hydra does? I don't see one.---------------------------------------------------------------------- -----This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree,without disrupting your career or home life. http://www.msia.norwich.edu/secfocus---------------------------------------------------------------------- -----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) iD8DBQFE/0DLj8o5VXXdUSwRAln2AKDUTvaeIbpzIPm8AD+mchBQX2QToACfa8cL AS313+4+s7c/BJSImGJEJmY= =IkNR -----END PGP SIGNATURE----- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Question on Tsgrinder and Hydra barcajax (Sep 06)
- Re: Question on Tsgrinder and Hydra security (Sep 07)