Penetration Testing mailing list archives
Re: BruteForcing?
From: Fab <fab () revhosts net>
Date: Mon, 16 Oct 2006 22:20:43 +0200
Hi, You should try the defaults passwords list : http://www.phenoelit.de/dpl/dpl.html and try some Cisco hack tool : http://packetstormsecurity.org/cisco/ (goods results with Cisco Torch & CGE, but steathless ;-) ) Fab Le dimanche 15 octobre 2006 à 18:03 +0000, 09sparky () gmail com a écrit :
This is more of a general brute forcing question, but one which I could use some assistance. I am attempting to brute force some telnet sessions (Cisco Routers - CISCO IOS 12.2 and IOS 12.3(8), Cisco 1721 router). When telnet'ing in, it only prompts me for a PW (Not a username). It has a 3 attempts disconnect, so I get disconnected and have to reconnect. My question is: How and what tool should I use to try and brute force (dictionary attack) this session? I have tried Hydra, but when I get disconnected (after 3 attempts), it tells me it is "finished". Not sure if there is a way to make it reconnect. Is there a better tool or other techniques that would work better? Second question: Brute forcing also, but against WebPages. For example, a Cisco 3000 VPN Concentrator, I have the webpage asking for username/password. How would I attempt to dictionary attack this? Thanks, Sparky ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
-- http://www.revhosts.org PGP KeyID: 1E4AEDAC Fingerprint : CBFE 4767 481C 3252 9611 A42A 3122 7F40 1E4A EDAC ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- BruteForcing? 09sparky (Oct 16)
- Re: BruteForcing? Fab (Oct 16)
- Re: BruteForcing? Jeremy Saintot (Oct 17)
- Re: BruteForcing? Christine Kronberg (Oct 17)
- <Possible follow-ups>
- RE: BruteForcing? Hagen, Eric (Oct 16)
- Re: BruteForcing? Paolo Scarabelli (Oct 17)
- RE: BruteForcing? Troy Fletcher (Oct 17)
- Re: BruteForcing? Rogan Dawes (Oct 18)
- RE: BruteForcing? Troy Fletcher (Oct 17)
- RE: BruteForcing? Hagen, Eric (Oct 17)