Penetration Testing mailing list archives
Re: French - Dictionnary attack
From: Mordread Wallas <mordread.wallas () gmail com>
Date: Wed, 10 Aug 2005 21:07:49 +0200
Hi, I'd suggest you to create you hown dictionary, after spending some time analyzing the focused application (and check what type of characters are allowed, min and max length, etc). Don't forget to add common words and names from popular movies and books (the matrix, lords of the ring, harry potter, etc). Then you could use your own script (maybe John the ripper can do it, I don't know) to create a new hybrid dictionary based on yours (adding letters, numbers, swithing characters, etc)... As dictionary attack are faster than bruteforce, add in you dics: - 4 characters numbers from 0000 to 9999 (bidthday dates, pin codes, ...), - 10 characters numbers (phone numbers), And then, use you 6th sense ;-) @+ 2005/8/10, Moussa Diallo <moussa () diallo org>:
securityfocus () benmansour net a écrit :Hi pen-testers, I need to perform some basic password guessing tests on a France based online application. I am contemplating using Brutus (http://www.hoobie.net/brutus/) for the testing. Could you please recommend similar tools that could perform: - brute force attacks - dictionnary attacks on a web based FORM ? Selection criterias might include tolerance to timeout, as well as speed, ability to interrupt/resume a test. I am also looking for French specific dictionnaries that could help for this type of testing. Thanks in advance. Regards, sbm ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------I will recommand you to use : Bruteforce *Hydra* : http://www.thc.org Dictionnary ftp://ftp.openwall.com/pub/wordlists/ Best regards, Moussa ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
Current thread:
- French - Dictionnary attack securityfocus (Aug 09)
- Re: French - Dictionnary attack Security Focus Mailing List (Aug 10)
- Re: French - Dictionnary attack David Eduardo Acosta Rodríguez (Aug 10)
- Re: French - Dictionnary attack Moussa Diallo (Aug 10)
- Re: French - Dictionnary attack Mordread Wallas (Aug 10)
- Re: French - Dictionnary attack s0u1d13r s0u1d13r (Aug 10)
- Re: French - Dictionnary attack Sugiowono (Aug 11)
- RE: French - Dictionnary attack Steve A (Aug 11)
- Re: French - Dictionnary attack Security Focus Mailing List (Aug 10)