Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: RFC on Ncrack, A new network authentication cracker
From: Joao Correa <joao () livewire com br>
Date: Tue, 28 Apr 2009 22:37:09 -0300

I'm sure it is a great idea. I also suffer with the lack of options when
trying to brute-force something.
I probably can help with testing it on Mac OS X.

I think that the feature of resuming a brute force from a interrupted
session is very important, since sometimes it is impossible to run the full
test at once.

Also the feature of using data mining and machine learning would be great.
Many users have the same user/pass for different services (and, as
mentioned, sometimes different services use the same auth backend). This
could also provide a way of learning which of the passwords are the most
used and, before a good number of tests, these most used passwords could be
attempted first.

Ncrack could also share statistical information (with user's consent, of
course) for improving machine learn.

--

João B. Correa

On Tue, Apr 28, 2009 at 9:31 PM, Corey Chandler <lists () sequestered net>wrote:

jah wrote:

 Ncrack
should definitely ship with a quality list (and if someone decided to
spend the summer "Cracking the Internet" the list could have frequency
data (like nmap-services) too).


Unfortunately that person would likely be either in federal prison, or
detained as an enemy combatant. :-p

Portscanning is technically not illegal; brute force attacks most assuredly
are.

--
Corey Chandler / KB1JWQ
Living Legend / Systems Exorcist
Today's Excuse: The POP server is out of Coke


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]