mailing list archives
Re: [PEN-TEST] RDS exploit simulation
From: Mordechai Ovits <movits () OVITS NET>
Date: Mon, 18 Sep 2000 12:16:44 -0400
On Mon, Sep 18, 2000 at 11:14:29AM -0400, Oliver Petruzel wrote:
Also, can anyone recommend a good pre-existing IMAP or POP vuln script
and simulation config?
Do you mean brute force password guessing, or sniffing the plaintext
password off the wire?
For sniffing the password, use either ethereal or dsniff.
For brute forcing, perl and python have libraries for doing imap and pop.
It's about 20 minutes of coding to get it right.