WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RES: hydra and HTTP NTLM

From: Fábio Soto <fabio () andradesoto com br>
Date: Sat, 26 May 2012 10:51:53 -0300
... and the Active Directory configured to block Access after "n" login
attempts...

-----Mensagem original-----
De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] Em
nome de Seth Art
Enviada em: quarta-feira, 23 de maio de 2012 16:47
Para: Robin Wood
Cc: webappsec () securityfocus com
Assunto: Re: hydra and HTTP NTLM

I have not used the new HTTP NTLM feature of Hydra, but just an FYI to
be mindful of account lockouts if the backend auth is NTLM based.

Seth

On Wed, May 23, 2012 at 8:14 AM, Robin Wood <robin () digininja org> wrote:

Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying
to brute force a MS Front Page login which only asks for
authentication when the OPTIONS method is used as far as I can tell.

Robin



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------





This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------




This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: