Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Hydra For Windows?

from [Dino Dogan] Network Security [Permanent Link]
Subject: RE: Hydra For Windows?
Date: Tue, 24 Oct 2006 18:19:52 -0400 
Cant you use L0phtCrack for that. Instead of using built in dictionary ,
you could load your own list. 

Dino Dogan
Network Engineer
NaviSys
499 Thornall Street
Edison, NJ 08837-2235
www.navisys.com 
732.767.3828  PH
732.635.9576  FX
NaviSys has been acquired by Accenture. 
Find out more.

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Mister Dookie
Sent: Monday, October 23, 2006 11:56 AM
To: pen-test@securityfocus.com
Subject: Hydra For Windows?
Importance: Low

Hello list,

I am looking for a way to test the computers on my network for weak
passwords. For instance, say I have the network (192.168.123.1-254)
for company "Tomcat" and I know most people either login as
"Administrator" (not the best I know but some battles are not worth
fighting) or the convention of LastName + First Initial. I just want
to be able to scan the network to make sure people aren't using the
company name or a simple derivation of the company name as their
password. Therefore, I just want to scan the user names on the network
against a small list of passwords like Tomcat, Tomcat1, TomCat,
TomCat1, tomcat, tomcat1 and so forth. If people are using the company
name as the password I can have them change it. That's all I want.

Is there a good (hopefully freeware but doesn't have to be) program
out there to help me accomplish this task?

Thanks,
John

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Password audits, pand0ra
Next by Date:  Re: Password audits, shaun
Previous by Thread:  Re: Hydra For Windows?, Jason Ross
Next by Thread:  Re: Hydra For Windows?, DaKahuna
Indexes:  [Date] [Thread] [Top] [All Lists]