Home page logo

pen-test logo Penetration Testing mailing list archives

RE: password cracking a web form, tried hydra and brutus
From: "aRt dE vIvRe" <bishan4u () yahoo co uk>
Date: Thu, 5 Feb 2004 15:48:00 +0530 (IST)


The problem is you're trying to use HTTP authentication, instead of
submitting the results to the form.

Yes, you are right. I tried Accessdriver also, but that also works only
for HTTP authentication and not for submitting form.

Your better bet is to work something
in perl most likely (but any tcp-capable language will do), that will
requests just as would happen if you were to sequentially try various
attempts on their web page.

Sorry, but I'm not so good at programming.
Is there any open source program which does this? I'm looking for such a
program over a week now, but no luck!

There are also other ways you could poke at it...have you tried SQL
injection attacks in either the password or login field?

Can you please put some more light on it!

Thanx and Regards,


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]