Home page logo

pen-test logo Penetration Testing mailing list archives

RE: Brute-forcing Dial-up password after war-dial
From: Yanisto <yanisto () nuxed org>
Date: Sat, 27 Sep 2003 16:34:42 +0200

Indeed, it obviously depends on the OS you're operating from but if it's
a UNIX-like, i'd suggest you to get that great tool, from THC :
It's a shellscript using minicom, and, as a shellcript, remains highly



Le ven 19/09/2003 à 17:15, Hagen, Eric a écrit :
Careful that you have a written contract with the company you're
war-dialing.  Otherwise, it's often a felony in many jurisdicitions and even
if you don't penetrate anything, can land you in some serious hot water.

Assuming you DO have a contract with the company, there is one called THC
that would be worth a try.  It used to be hosted by a University, but it's
since been taken off their site IIRC.   It has a scripting language that
will let you script password attacks and I believe can even import a 'words'
or 'names' file if you choose.

Eric Hagen

-----Original Message-----
From: Michelangelo Sidagni [mailto:m.sidagni () verizon net]
Sent: Thursday, September 18, 2003 9:55 AM
To: pen-test () securityfocus com
Subject: Brute-forcing Dial-up password after war-dial

After a war dial, I obtained a list of phone numbers that responded with a
carrier (PPP or other). Is there a free tool out there that bruteforce
Dial-up ID and passwords on the numbers identified by the war dial? I know
that PhoneSweep does that, but is there a workaround / free program to do


Attachment: signature.asc
Description: Ceci est une partie de message numériquement signée

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]