Penetration Testing mailing list archives

RE: Hydra For Windows?

From: "Dino Dogan" <ddogan () navisys com>
Date: Tue, 24 Oct 2006 18:19:52 -0400

Cant you use L0phtCrack for that. Instead of using built in dictionary ,
you could load your own list. 

Dino Dogan
Network Engineer
NaviSys
499 Thornall Street
Edison, NJ 08837-2235
www.navisys.com 
732.767.3828  PH
732.635.9576  FX
NaviSys has been acquired by Accenture. 
Find out more.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Mister Dookie
Sent: Monday, October 23, 2006 11:56 AM
To: pen-test () securityfocus com
Subject: Hydra For Windows?
Importance: Low

Hello list,

I am looking for a way to test the computers on my network for weak
passwords. For instance, say I have the network (192.168.123.1-254)
for company "Tomcat" and I know most people either login as
"Administrator" (not the best I know but some battles are not worth
fighting) or the convention of LastName + First Initial. I just want
to be able to scan the network to make sure people aren't using the
company name or a simple derivation of the company name as their
password. Therefore, I just want to scan the user names on the network
against a small list of passwords like Tomcat, Tomcat1, TomCat,
TomCat1, tomcat, tomcat1 and so forth. If people are using the company
name as the password I can have them change it. That's all I want.

Is there a good (hopefully freeware but doesn't have to be) program
out there to help me accomplish this task?

Thanks,
John

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

Hydra For Windows? Mister Dookie (Oct 24)
- RE: Hydra For Windows? h0W@rD Sh33n (Oct 24)
  - RE: Hydra For Windows? kim kihong (Oct 25)
- Re: Hydra For Windows? pand0ra (Oct 24)
  - Re: Hydra For Windows? Lee Lawson (Oct 25)
- Re: Hydra For Windows? Jason Ross (Oct 24)
- <Possible follow-ups>
- RE: Hydra For Windows? Dino Dogan (Oct 24)
  - Re: Hydra For Windows? DaKahuna (Oct 25)
- Re: Hydra For Windows? Marco Ivaldi (Oct 25)