Re: [PEN-TEST] Web site password guessing over SSL

From: ET LoWNOISE (etat_private)
Date: Thu Apr 12 2001 - 19:22:35 PDT

  • Next message: Chris Tobkin: "Re: [PEN-TEST] Web Server to SQL Server"

    Maybe this can help you
    
    If you need the source code just let me know
    http://packetstorm.securify.com/Win/sslcrack.zip
    or
    http://packetstorm.securify.com/groups/lownoise/
    for a short description
    
    bye
    
    Efrain 'ET' Torres
    [LoWNOISE]
    
    Gerald wrote:
    
    > Our client wants us to try to brute-force one of their public web sites that
    > is password-protected via a form-based login over SSL.  I'd rather not have
    > to sit by the computer manually typing in passwords over and over again.
    > I've looked at the 'popular' web page cracking tools, and none of them seem
    > to work over SSL.
    >
    > Does anybody have any ideas?
    >
    > Gerald Batten
    > Security Consulant
    > Exocom
    >
    > (*note:  views expressed in this e-mail are not necessarily those of my
    > employer.)
    > (**note: views expressed in this e-mail are not necessarily mine either.)
    >
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 09:08:30 PDT