Penetration Testing mailing list archives
RE: Brute-forcing Dial-up password after war-dial
From: Yanisto <yanisto () nuxed org>
Date: Sat, 27 Sep 2003 16:34:42 +0200
Indeed, it obviously depends on the OS you're operating from but if it's a UNIX-like, i'd suggest you to get that great tool, from THC : http://www.thc.org/download.php?t=r&d=login_hacker-1.1.tar.gz It's a shellscript using minicom, and, as a shellcript, remains highly configurable... Enjoy. Yanisto. Le ven 19/09/2003 à 17:15, Hagen, Eric a écrit :
Careful that you have a written contract with the company you're war-dialing. Otherwise, it's often a felony in many jurisdicitions and even if you don't penetrate anything, can land you in some serious hot water. Assuming you DO have a contract with the company, there is one called THC that would be worth a try. It used to be hosted by a University, but it's since been taken off their site IIRC. It has a scripting language that will let you script password attacks and I believe can even import a 'words' or 'names' file if you choose. Eric Hagen -----Original Message----- From: Michelangelo Sidagni [mailto:m.sidagni () verizon net] Sent: Thursday, September 18, 2003 9:55 AM To: pen-test () securityfocus com Subject: Brute-forcing Dial-up password after war-dial After a war dial, I obtained a list of phone numbers that responded with a carrier (PPP or other). Is there a free tool out there that bruteforce Dial-up ID and passwords on the numbers identified by the war dial? I know that PhoneSweep does that, but is there a workaround / free program to do that? Mike
Attachment:
signature.asc
Description: Ceci est une partie de message numériquement signée
Current thread:
- RE: Brute-forcing Dial-up password after war-dial Hagen, Eric (Sep 19)
- RE: Brute-forcing Dial-up password after war-dial Yanisto (Sep 29)
- <Possible follow-ups>
- Re: Brute-forcing Dial-up password after war-dial noconflic (Sep 22)
- Re: Brute-forcing Dial-up password after war-dial Tomas Nybrand (Sep 23)