SPIKE (http://www.immunitysec.com/) will brute force that for you - although not terribly quickly. It's a slow protocol. Dave Aitel Consulting Manager Immunity, Inc. > hi... > > try the tool cain and able... it can crack http ntlm plus a few > others, > by sniffing the traffic of the network. u can download it from > http://www.oxid.it/ .... hope it helps. > > rohit > > ----- Original Message ----- > From: "Gary O'leary-Steele" <garyo@sec-1.com> > To: <pen-testat_private> > Sent: Thursday, May 08, 2003 11:46 PM > Subject: HTTP NTLM password cracker > > >> Hi all, >> >> Does anyone know of a good HTTP NTLM (not basic auth) brute > force/dictionary >> password cracker. I'm trying to gain access to a site which is using >> FrontPage extensions. >> >> /_vti_bin/_vti_aut/author.dll?blah.blah (Auth: NTLM) >> >> Regards, >> Gary >> Sec-1 >> www.sec-1.com >> >> >> -------------------------------------------------------------------------- > - >> Did you know that you have VNC running on your network? >> Your hacker does. >> Plug your security holes. >> Download a free 15-day trial of VAM: >> http://www.securityfocus.com/StillSecure-pen-test >> -------------------------------------------------------------------------- > -- >> >> > > > > --------------------------------------------------------------------------- > Did you know that you have VNC running on your network? > Your hacker does. > Plug your security holes. > Download a free 15-day trial of VAM: > http://www.securityfocus.com/StillSecure-pen-test > ---------------------------------------------------------------------------- > > --------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu May 08 2003 - 11:32:41 PDT