On Sun, 15 Oct 2006, 09sparky@gmail.com wrote:
This is more of a general brute forcing question, but one which I could
use some assistance.
I am attempting to brute force some telnet sessions (Cisco Routers -
CISCO IOS 12.2 and IOS 12.3(8), Cisco 1721 router). When telnet'ing in,
it only prompts me for a PW (Not a username). It has a 3 attempts
disconnect, so I get disconnected and have to reconnect.
My question is:
How and what tool should I use to try and brute force (dictionary
attack) this session?
I have tried Hydra, but when I get disconnected (after 3 attempts), it
tells me it is "finished". Not sure if there is a way to make it
reconnect. Is there a better tool or other techniques that would work
better?
The best tool is the one yo write yourself to get the job done.
You know the behaviour of the system. So skript a little program
to take the first three passwords of your dictonary, try them, check
the answers, check for the disconnect, connect again, take the next
three passwords and so on. Instead of hammering the system do it
slower to prevent other traps.
Second question: Brute forcing also, but against WebPages. For
example, a Cisco 3000 VPN Concentrator, I have the webpage asking for
username/password. How would I attempt to dictionary attack this?
I don't have a Cisco 3000 VPN Concentrator around. Is this a form
based authentication (guess so)? Latest hydra works fine on forms.
Pick up the authentication parameters and feed them into hydra. If
you do not figure out at once how this is done - it is stated in
the source code.
Cheers,
Christine Kronberg.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
