Re: [PEN-TEST] Web site password guessing over SSL

From: Batten, Gerald (GBattenat_private)
Date: Mon Apr 23 2001 - 06:07:09 PDT

Next message: Andrew Thomas: "Re: [PEN-TEST] Wireless (In)Security"

Previous message: Renaud Deraison: "Re: [PEN-TEST] SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks to everyone who gave me helpful suggestions.

I decided to write my own program to do the brute-forcing on the form.
Unfortunately, I didn't have the time to re-learn Perl (it's been a couple
of years), so I wrote it in WinBatch.  I was able to write the entire thing,
and even add a couple of 'nice-to-have' features, and it only took me one
afternoon. It's slow, but it works and right now that's what counts.

Before you ask, I can't release the source code (yet) until I get my boss's
permission.  But the source code to submit a form is included in the
WinBatch documentation.  Just get the hang of nested loops and file handling
and you're there.

Gerald.

Next message: Andrew Thomas: "Re: [PEN-TEST] Wireless (In)Security"
Previous message: Renaud Deraison: "Re: [PEN-TEST] SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 08:34:28 PDT