Re: dictionary of forum style usernames

["Robin Wood" <dninja () gmail com>]

The brute forcing is through the system login not against the database
so I can use plaintext passwords.

I had thought about going through a few forums and screenscraping
usernames from them but was just wondering if someone had already done
the job, save me a bit of effort.

The system isn't actually a forum, but it is similar and is custom
written so unfortunatly there is no open source code or off the shelf
system for me to get any extra clues from.

Robin

On 5/4/06, Griffiths, Ian <Ian.Griffiths () liv-coll ac uk> wrote:
> I'm sure such a list could be derived from an existing member list from
> any forum out there, wget and some Perl or something, not sure what the
> ethical stance is on that.
>
> I'm not even sure on the ethics of going straight to the member table
> and picking up the single username field.  You would need a forum admin
> who trusts you to use the stuff appropriately and possibly members who
> are willing to participate?  I'm not sure - it is of course sufficiently
> anonymised in every other respect.
>
> If you want to brute force this data as it stands though you would also
> need the set of password hashes as well?  Unlikely anyone will give this
> up too easily!
>
> I would also be interested to see that if you were able to get two
> member lists of maybe ten thousand members exactly how much overlap
> there is between the two lists - my suspicion would be not much.
> Therefore you might want to consider compounding a few lists so you get
> maybe 100k names or more.
>
> Ironically, most teenage **honey_girl_69x** usernames would actually
> make fantastic passwords, I don't think that was the intention :-)
>
> Ian
>
> -----Original Message-----
> From: Robin Wood [mailto:dninja () gmail com]
> Sent: 04 May 2006 12:32
> To: Griffiths, Ian
> Cc: webappsec () securityfocus com
> Subject: Re: dictionary of forum style usernames
>
>
> As I said, the system I'm going to be testing has users whose usernames
> are going to be forum style (e.g. Luca89, mackerel, Maedhros, Magic
> Banana, mark_alec) rather than normal "human" name style (e.g. robin,
> peter, fred).
>
> From previous experience with the site I know that a lot of users use
> their username as their password so if I can get a reasonable list,
> preferably a few hundred at least, I'll try a brute force attack with a
> selection of common passwords and the username. I'm going to leave this
> going in the background while doing the rest of the tests so the more
> names the better.
>
> I know that the human style name lists exist as my ssh server regularly
> gets attacked by scripts trying long lists of usernames, does the same
> exist for forum style names?
>
> On 5/4/06, Griffiths, Ian <Ian.Griffiths () liv-coll ac uk> wrote:
> > How many records are you thinking?
> >
> > Also what are you aiming to achieve?  I currently can't see any place
> > where username actually matters?
> >
> > Ian
> >
> > -----Original Message-----
> > From: Robin Wood [mailto:dninja () gmail com]
> > Sent: 04 May 2006 08:53
> > To: webappsec () securityfocus com
> > Subject: dictionary of forum style usernames
> >
> >
> > Hi
> > I'm going to be doing a test against a forum type system and want to
> > have a go at bruteforcing a few logins. As it is a forum the login
> > names aren't likely to be usual "human" names so I'm looking for a
> > dictionary of names to try. Can anyone recommend one?
> >
> > Robin
> >
> > ----------------------------------------------------------------------
> > --
> > -
> > Sponsored by: Watchfire
> >
> > The Twelve Most Common Application-level Hack Attacks
> > Hackers continue to add billions to the cost of doing business online
> > despite security executives' efforts to prevent malicious attacks.
> > This whitepaper identifies the most common methods of attacks that we
> > have seen, and outlines a guideline for developing secure web
> > applications. Download this whitepaper today!
> >
> > https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000007t
> > 9r
> >
> ------------------------------------------------------------------------
> > --
> >
> >

-------------------------------------------------------------------------
Sponsored by: Watchfire

The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious attacks. This
whitepaper identifies the most common methods of attacks that we have seen,
and outlines a guideline for developing secure web applications.
Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000007t9r
--------------------------------------------------------------------------