Web Application Security
Re: hydra and HTTP NTLM May 25 2012 12:59PM
Robin Wood (robin digininja org) (1 replies)
On 25 May 2012 13:52, Security Auditor <auditor.sec (at) gmail (dot) com [email concealed]> wrote:
> Hi,
> I would say use an interceptor proxy which can handle this stuff
> easily. For example burp, ZAP or others.
>
> I played with hydra on DVWA app and could not succeed at bruting.....
>
> hope this helps

I don't know a way to get Burp to brute force NTLM, can ZAP do it? Any
instructions would be gratefully received.

Robin

> cheers
>
> Audi
>
> On Wed, May 23, 2012 at 2:14 PM, Robin Wood <robin (at) digininja (dot) org [email concealed]> wrote:
>> Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying
>> to brute force a MS Front Page login which only asks for
>> authentication when the OPTIONS method is used as far as I can tell.
>>
>> Robin
>>
>>
>>
>> This list is sponsored by Cenzic
>> --------------------------------------
>> Let Us Hack You. Before Hackers Do!
>> It's Finally Here - The Cenzic Website HealthCheck. FREE.
>> Request Yours Now!
>> http://www.cenzic.com/2009HClaunch_Securityfocus
>> --------------------------------------
>>

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]
Re: hydra and HTTP NTLM May 27 2012 08:44AM
Gary Oleary-Steele (GaryO sec-1 com) (1 replies)
Re: hydra and HTTP NTLM May 27 2012 10:09PM
Robin Wood (robin digininja org)


 

Privacy Statement
Copyright 2010, SecurityFocus