Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Brutus issue

From: Juan B <juanbabi () yahoo com>
Date: Tue, 31 Oct 2006 15:27:33 -0800 (PST)
Hi,

I am conducting a pen test for a client of mine.
in his web server he is using basic authntication
(base 64)
I need to issue a brute force attack against his
authentication scheme.
I know that the users and password are all numbers.
foe example the user might be something as:
5486
and the password could be :

546846533
The users are limited to 4 numbers and the passwords
for 8 numbers.

How I can tell brutus or hydra to use only numbers in
the brute force?

Thanks very much !

Juan


 
____________________________________________________________________________________
Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates 
(http://voice.yahoo.com)


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: