WebApp Sec mailing list archives
Re: [Pauldotcom] hydra and HTTP NTLM
From: Robin Wood <robin () digininja org>
Date: Fri, 25 May 2012 21:10:31 +0100
On 25 May 2012 16:59, Navarro, Gregory J <Gregory.J.Navarro () disney com> wrote:
Do you know of a valid login but just not the password. If so just fuzz it with Burp
I have no credentials but even if I did I don't think Burp does NTLM, for it to do it it would have to be able to work with the four way handshake and I've not seen anywhere that that appears to be an option. If you can point me at how to do it I'll happily try. Robin
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Robin Wood Sent: Thursday, May 24, 2012 6:08 AM To: Tony Turner; PaulDotCom Security Weekly Mailing List Cc: _; webappsec () securityfocus com Subject: Re: [Pauldotcom] hydra and HTTP NTLM On 24 May 2012 13:36, Tony Turner <tony_l_turner () yahoo com> wrote:Have you tried http://www.foofus.net/~jmk/tools/FPbrute.pl yet? Or is there a reason you wanted to use Hydra?I've tried that but it seems to expect the login request for a simple GET. I'm testing a FrontPage install which allows me to read but then fails on write. Checking the traffic when I click save it sends an OPTIONS request which gets a reply of 401 which triggers FP to then start the handshake. Robin________________________________ From: Robin Wood <robin () digininja org> To: _ <packetnull () gmail com> Cc: "webappsec () securityfocus com" <webappsec () securityfocus com>; PaulDotCom Mailing List <pauldotcom () mail pauldotcom com> Sent: Thursday, May 24, 2012 8:17 AM Subject: Re: [Pauldotcom] hydra and HTTP NTLM On 24 May 2012 13:06, _ <packetnull () gmail com> wrote:http ntlm is IIS based windows auth.Yes but I still don't know how to attack it. RobinOn May 23, 2012, at 6:14 AM, Robin Wood <robin () digininja org> wrote:Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying to brute force a MS Front Page login which only asks for authentication when the OPTIONS method is used as far as I can tell. Robin This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.comThis list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- hydra and HTTP NTLM Robin Wood (May 23)
- Re: hydra and HTTP NTLM _ (May 24)
- Re: hydra and HTTP NTLM Robin Wood (May 24)
- Message not available
- Re: [Pauldotcom] hydra and HTTP NTLM Robin Wood (May 24)
- RE: [Pauldotcom] hydra and HTTP NTLM Navarro, Gregory J (May 25)
- Re: [Pauldotcom] hydra and HTTP NTLM Robin Wood (May 25)
- Message not available
- Re: [Pauldotcom] hydra and HTTP NTLM Robin Wood (May 29)
- Re: hydra and HTTP NTLM Robin Wood (May 24)
- Re: hydra and HTTP NTLM _ (May 24)
- Re: hydra and HTTP NTLM _ (May 24)
- RES: hydra and HTTP NTLM Fábio Soto (May 29)
- Re: hydra and HTTP NTLM Robin Wood (May 25)
- Re: hydra and HTTP NTLM Gary Oleary-Steele (May 29)
- Re: hydra and HTTP NTLM Robin Wood (May 29)
- Re: hydra and HTTP NTLM Robin Wood (May 25)