"Batten, Gerald" wrote: > > Our client wants us to try to brute-force one of their public web sites that > is password-protected via a form-based login over SSL. I'd rather not have > to sit by the computer manually typing in passwords over and over again. > I've looked at the 'popular' web page cracking tools, and none of them seem > to work over SSL. > > Does anybody have any ideas? > > Gerald Batten > Security Consulant > Exocom > > (*note: views expressed in this e-mail are not necessarily those of my > employer.) > (**note: views expressed in this e-mail are not necessarily mine either.) Hi, Instead of trying to find out a ssl wrapper and use it with the best of your brute-force tools. Some popular wrappers are Bjorb (http://www.hitachi-ms.co.jp/bjorb/en/) and SSLwrap (http://www.rickk.com/sslwrap/). cheers, Burak DAYIOGLU
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 08:46:20 PDT