Penetration Testing mailing list archives

Re: Tutorial for brute forcing Web apps,

From: Christine Kronberg <seeker () shalla de>
Date: Thu, 16 Nov 2006 13:32:14 +0100 (CET)

On Wed, 15 Nov 2006, IRM wrote:

I am looking for tutorial on how to Brute forcing the Web apps -
especially when the Username and Password are on the form. I tried a
couple tools like C-Force but I had no luck on getting it running. So I
was wondering if possible to get on tutorial on how to use the tool or
perhaps maybe if you could suggest me the tool that is commonly use for
brute forcing the web apps.


  Hydra does the job quite nicely:
  -> http://www.thc.org/thc-hydra/

  Cheers,

  Chris Kronberg.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

Tutorial for brute forcing Web apps, IRM (Nov 15)
- RE: Tutorial for brute forcing Web apps, Maxime Ducharme (Nov 16)
- Re: Tutorial for brute forcing Web apps, Christine Kronberg (Nov 16)