Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

BruteForcing?

from [09sparky] Network Security [Permanent Link]
Subject: BruteForcing?
Date: 15 Oct 2006 18:03:03 -0000 
This is more of a general brute forcing question, but one which I could use 
some assistance.

I am attempting to brute force some telnet sessions (Cisco Routers - CISCO IOS 
12.2 and IOS 12.3(8), Cisco 1721 router).  When telnet'ing in, it only prompts 
me for a PW (Not a username).  It has a 3 attempts disconnect, so I get 
disconnected and have to reconnect.  

My question is:
How and what tool should I use to try and brute force (dictionary attack) this 
session?
I have tried Hydra, but when I get disconnected (after 3 attempts), it tells me 
it is "finished".  Not sure if there is a way to make it reconnect.  Is there a 
better tool or other techniques that would work better?

Second question: Brute forcing also, but against WebPages.  For example, a 
Cisco 3000 VPN Concentrator, I have the webpage asking for username/password.  
How would I attempt to dictionary attack this?

Thanks,
Sparky

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  the C$ and ipc$ shares, wymerzp
Next by Date:  RE: Web Vulnerability Scanner, Debasis Mohanty
Previous by Thread:  the C$ and ipc$ shares, wymerzp
Next by Thread:  Re: BruteForcing?, Fab
Indexes:  [Date] [Thread] [Top] [All Lists]