Penetration Testing mailing list archives
Re: Hydra Help
From: xyberpix <xyberpix () xyberpix com>
Date: Wed, 7 Apr 2010 08:45:28 +0100
Try using hydra -l username -p password(text) -o output.txt -v -V xxx.xxx.xxx.xxx service smtp-auth or hydra -l username -p password(text) -o output.txt -v -V xxx.xxx.xxx.xxx service smtp-auth -ntlm xyberpix On 3 Apr 2010, at 14:47, maash.rajani () gmail com wrote:
I just started using Hydra. Got a successful authentication over a pop3 service. Trying the same username and password over the smtp service using hydra's "smtp-auth" module. My understanding was hydra can try dictionary attack over an smtp service which uses NTLM hashing, my enumerationg results over the listening smtp confirms that it uses NTLM authen type. Yet using Hydra gives me the following results: command: hydra -l username -p password(text) -o output.txt -v -V xxx.xxx.xxx.xxx Output Error: SMTP AUTH LOGIN error: 504 5.7.4 unrecognized authentication type ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Hydra Help maash . rajani (Apr 05)
- Re: Hydra Help xyberpix (Apr 08)
- Re: Hydra Help Harry Hoffman (Apr 08)