Full Disclosure mailing list archives
Re: NiX - Linux Brute Force 1.0.3 update has been released
From: nix () myproxylists com
Date: Sat, 20 Nov 2010 21:58:39 +0200
Would you care to offer what particular tests you did to compare your tool to Hydra? Just curious. Ryan
Execuse my english. Here´s NiX advantages over Hydra: --- Support all proxies: HTTP/SOCKS 4 and 5 proxy support -> Integrated proxy randomization to defeat certain protection mechanisms -> Auto-removal of dead or unreliable proxy and when site protection mechanism blocks the proxy: Any site that is banning proxies after certain amount of failed logins, you are just wasting your time with hydra on these sites. Earlier someone said, i use proxychains to get more proxy support. Good idea but when a proxy timeouts, it will make significant delay to your check and you have no way to remove those proxies. When more proxies will time out...FAIL. --- FORM auto-detection & Manual FORM input configuration. -> Hydra does not support cookie parameter at all when you configure manually form input. For example strict site such as Webmin require cookie to be sent at the begin or you are just wasting your time. NiX has significantly better FORM mode and the FORM auto-detection is nice add-on especially for less advanced users. Obviously Hydra´s dev. are not real crackers as they did not added success or failure key support also to basic authentication mode, there are sites that give 200 OK reply when they ban proxy, again anyway with a single proxy support you are pretty much fucked unlike with NiX. Also, hydra will fail if the FORM is on HTTP page but the FORM target is SSL ;) NiX has auto-detection logic to this as well and can brute all these sites. What I can currently see, Hydra´s advantages over NiX are: Support for more protocols and because it´s written in pure C, it is a less CPU intensive. It works also on various platforms unline NiX. I am not saying it´s a bad tool but the above are the reason i decided to code my own tool. PS. I have coded NiX`s current features solely on my own in 1.5 months with all testing while they have been developing it in a team for several years? Someone asked: "Why did you coded NiX cuz we have Hydra and they have been doing it for years?" The answer: I was not even aware of Hydra until a week ago someone asked this question. The above features answers it in full why did I code it.
On Nov 19, 2010, at 6:52 PM, nix () myproxylists com wrote:There are several fixes done in this release compared to the 1st version. It is encouraged to upgrade to the latest version. To those who want to ask, does it outperform Hydra? Yes it does, especially in basic auth and form mode. Full features and download: http://myproxylists.com/nix-brute-force Changelog: http://myproxylists.com/NIX_BRUTE_FORCER.CHANGELOG Regards NiX Lead Developer _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- NiX - Linux Brute Force 1.0.3 update has been released nix (Nov 19)
- Re: NiX - Linux Brute Force 1.0.3 update has been released rdsears (Nov 19)
- Re: NiX - Linux Brute Force 1.0.3 update has been released nix (Nov 20)
- Re: NiX - Linux Brute Force 1.0.3 update has been released rdsears (Nov 19)