... and the Active Directory configured to block Access after "n" login
attempts...
-----Mensagem original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] Em
nome de Seth Art
Enviada em: quarta-feira, 23 de maio de 2012 16:47
Para: Robin Wood
Cc: webappsec (at) securityfocus (dot) com [email concealed]
Assunto: Re: hydra and HTTP NTLM
I have not used the new HTTP NTLM feature of Hydra, but just an FYI to
be mindful of account lockouts if the backend auth is NTLM based.
Seth
On Wed, May 23, 2012 at 8:14 AM, Robin Wood <robin (at) digininja (dot) org [email concealed]> wrote:
> Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying
> to brute force a MS Front Page login which only asks for
> authentication when the OPTIONS method is used as far as I can tell.
>
> Robin
>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------
>
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
attempts...
-----Mensagem original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] Em
nome de Seth Art
Enviada em: quarta-feira, 23 de maio de 2012 16:47
Para: Robin Wood
Cc: webappsec (at) securityfocus (dot) com [email concealed]
Assunto: Re: hydra and HTTP NTLM
I have not used the new HTTP NTLM feature of Hydra, but just an FYI to
be mindful of account lockouts if the backend auth is NTLM based.
Seth
On Wed, May 23, 2012 at 8:14 AM, Robin Wood <robin (at) digininja (dot) org [email concealed]> wrote:
> Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying
> to brute force a MS Front Page login which only asks for
> authentication when the OPTIONS method is used as far as I can tell.
>
> Robin
>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------
>
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
[ reply ]