Penetration Testing mailing list archives
RE: Hydra For Windows?
From: "kim kihong" <mao0524 () hotmail com>
Date: Wed, 25 Oct 2006 09:37:11 +0900
enum is very simple! (http://www.bindview.com/Resources/RAZOR/Files/enum.tar.gz)If you download it and you compile on Visual studio, you have to add links "Netapi32.lib Mpr.lib" into <Project-Settings> Menu. :)
You also create script(.bat or .cmd...) as following, C:\cmdtools\enum\Release>enum -D -u kyo0n6 -f password.lst 10.10.10.10 username: kyo0n6 dictfile: password.lst server: 10.10.10.10 (1) kyo0n6 | 12345 return 1326, logon failed:... (2) kyo0n6 | abc123 return 1326, logon failed:...(3) kyo0n6 | password return 1326, logon failed:...(4) kyo0n6 | abcd123 password found: abcd337 C:\cmdtools\enum\Release> Kihong Kim CERT /SAMSUNG Information Security Center [☎] 82-2-728-4603 (Time. GMT+9) [☏] 82-10-3126-5364[e-mail] kihong_kim () samsung com
From: "h0W@rD Sh33n" <flee74 () gmail com> To: "'Mister Dookie'" <misterdookie () gmail com> CC: <pen-test () securityfocus com> Subject: RE: Hydra For Windows? Date: Wed, 25 Oct 2006 08:29:55 -0700 Hydra 4 Win32 -> http://thc.segfault.net/thc-hydra/ Anyway...as a business-majored pen-tester -_-^ I would use excel and make script(.bat file???) like below..LOL net use \\192.168.123.1\IPC$ Tomcat /user:Administrator net use \\192.168.123.2\IPC$ Tomcat /user:Administrator net use \\192.168.123.3\IPC$ Tomcat /user:Administrator net use \\192.168.123.4\IPC$ Tomcat /user:Administrator . . . Just 4 fun..never mind... Cheers! -----Original Message-----From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On
Behalf Of Mister Dookie Sent: Monday, October 23, 2006 8:56 AM To: pen-test () securityfocus com Subject: Hydra For Windows? Hello list, I am looking for a way to test the computers on my network for weak passwords. For instance, say I have the network (192.168.123.1-254) for company "Tomcat" and I know most people either login as "Administrator" (not the best I know but some battles are not worth fighting) or the convention of LastName + First Initial. I just want to be able to scan the network to make sure people aren't using the company name or a simple derivation of the company name as their password. Therefore, I just want to scan the user names on the network against a small list of passwords like Tomcat, Tomcat1, TomCat, TomCat1, tomcat, tomcat1 and so forth. If people are using the company name as the password I can have them change it. That's all I want. Is there a good (hopefully freeware but doesn't have to be) program out there to help me accomplish this task? Thanks, John ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
_________________________________________________________________확인하자. 오늘의 운세 무료 사주, 궁합, 작명, 전생 가이드 http://www.msn.co.kr/fortune/default.asp
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Hydra For Windows? Mister Dookie (Oct 24)
- RE: Hydra For Windows? h0W@rD Sh33n (Oct 24)
- RE: Hydra For Windows? kim kihong (Oct 25)
- Re: Hydra For Windows? pand0ra (Oct 24)
- Re: Hydra For Windows? Lee Lawson (Oct 25)
- Re: Hydra For Windows? Jason Ross (Oct 24)
- <Possible follow-ups>
- RE: Hydra For Windows? Dino Dogan (Oct 24)
- Re: Hydra For Windows? DaKahuna (Oct 25)
- Re: Hydra For Windows? Marco Ivaldi (Oct 25)
- RE: Hydra For Windows? h0W@rD Sh33n (Oct 24)