nothing can beat bash + curl when it comes to bfing webapps
On 5/24/07, s-williams@nyc.rr.com <s-williams@nyc.rr.com> wrote:
Anyone have a good tool in mine?
------Original Message------
To: listbounce@securityfocus.com
To: pen-test@securityfocus.com
Sent: May 23, 2007 12:01 PM
Subject: Pentesting Openmail Web login
I am task with testing user accounts on our mail system. We currently have
two systems Exchange, and OpenMail for Linux which is on the DMZ. We are
interested in finding out how easy it might be for someone to guess the
password of one or our users account.
And if the are sucessful what can the do on the linux box, with that
username and password.
We have a main site with a link to the webmail system from there, ifi want
to test this which tool might be the best for doing this since its a link
and not the main page?
Thanks in advance
"A wise man ask questions, a fool is afraid of knowledge"
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
--
pagvac
[http://gnucitizen.org, http://ikwt.com/]
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
