Re: [PEN-TEST] Web site password guessing over SSL

From: Batten, Gerald (GBattenat_private)
Date: Mon Apr 23 2001 - 06:07:09 PDT

  • Next message: Andrew Thomas: "Re: [PEN-TEST] Wireless (In)Security"

    Thanks to everyone who gave me helpful suggestions.
    
    I decided to write my own program to do the brute-forcing on the form.
    Unfortunately, I didn't have the time to re-learn Perl (it's been a couple
    of years), so I wrote it in WinBatch.  I was able to write the entire thing,
    and even add a couple of 'nice-to-have' features, and it only took me one
    afternoon. It's slow, but it works and right now that's what counts.
    
    Before you ask, I can't release the source code (yet) until I get my boss's
    permission.  But the source code to submit a form is included in the
    WinBatch documentation.  Just get the hang of nested loops and file handling
    and you're there.
    
    Gerald.
    



    This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 08:34:28 PDT