WebApp Sec mailing list archives

RE: Dictionary and brute forcing web authentication?

From: "Calderon, Juan C (EM, DDEMESIS)" <Juan.Calderon () ge com>
Date: Mon, 15 Sep 2003 10:46:16 -0400

oh!

I forgot digest method hashes passwords and send it into the header,
that's why.

thanks

-----Original Message-----
From: Martin Eiszner [mailto:martin () websec org]
Sent: Monday, September 15, 2003 6:30 AM
To: Calderon, Juan C (EM, DDEMESIS)
Cc: webappsec () securityfocus com
Subject: Re: Dictionary and brute forcing web authentication?


On Sun, 14 Sep 2003 12:07:22 -0400
"Calderon, Juan C (EM, DDEMESIS)" <Juan.Calderon () ge com> wrote:

I dont know a tool for brute forcing windows or digest authentication.
In fact, given those are challenge digests instead of  *direct*
authentication type, I doubt a tool like that exist.


---*---
http://www.websec.org/tools/digestbrute_pl.html
---*---

nice day,

mEi

-- 
WebSec.org / Martin Eiszner
Austria / EUROPE
mei () websec org
http://www.websec.org

Attachment: smime.p7s
Description:

Current thread:

Dictionary and brute forcing web authentication? Mark G. Spencer (Sep 12)
- <Possible follow-ups>
- Re: Dictionary and brute forcing web authentication? DownBload (Sep 13)
- Re: Dictionary and brute forcing web authentication? Chris Varenhorst (Sep 14)
  - Re: Dictionary and brute forcing web authentication? RSnake (Sep 15)
- RE: Dictionary and brute forcing web authentication? Calderon, Juan C (EM, DDEMESIS) (Sep 15)
  - Re: Dictionary and brute forcing web authentication? Martin Eiszner (Sep 15)
  - RE: Dictionary and brute forcing web authentication? Sarbjit Singh Gill (Sep 15)
- Re: Dictionary and brute forcing web authentication? Sasa Jusic (Sep 15)
- RE: Dictionary and brute forcing web authentication? Calderon, Juan C (EM, DDEMESIS) (Sep 15)
- RE: Dictionary and brute forcing web authentication? latte (Sep 15)
- RE: Dictionary and brute forcing web authentication? Calderon, Juan C (EM, DDEMESIS) (Sep 22)