Vulnerability Development mailing list archives
RE: Enumerating users on a Domino webserver
From: "OBrien, Brennan" <BOBrien () columbia com>
Date: Wed, 30 Jan 2002 09:04:18 -0800
Sure do. Excellent tool for enumeration. Same holds true for OWA for Exchange. This gives me the ability, over time, to guess out how the usernames are formed, and provides me with an externally available tool for initial password guessing.

-----Original Message-----
From: nicob () nicob net [mailto:nicob () nicob net]
Sent: Wednesday, January 30, 2002 8:55 AM
To: vuln-dev () securityfocus com
Subject: Enumerating users on a Domino webserver

Hi,

during a pen-test against a Domino 5.0.8 webserver, I was able to enumerate valid users. A simple "GET /mail/toto.nsf HTTP/1.0" redirects to the login page (with a "200 OK" HTTP code) if the user "toto" exists and a "404 File not Found" is returned if the user doesn't exist.

This issue can allow a faster brute force attack on HTTP passwords.

I have searched the Net for more information about this problem, but I found nothing. Can the readers reproduce this behaviour? Do you see other implications than user enumeration (for social engineering and brute force attacks)?

Nicob
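
The 200-versus-404 difference described in this thread is also visible to defenders in the web server's access log. The following is an added example, not part of the original posts: it flags any source that requests many distinct /mail/<name>.nsf paths with mostly 404 results. The Common Log Format input, the sample lines, the function name and the thresholds are all assumptions.

```python
import re
from collections import defaultdict

# Assumed input: Common Log Format: ip - - [ts] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?:GET|HEAD) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
# Mail file path of the form quoted in the thread: /mail/<name>.nsf
MAIL_RE = re.compile(r'^/mail/([^/?]+)\.nsf(?:[/?].*)?$', re.IGNORECASE)


def find_enumeration(lines, min_names=5, min_miss_ratio=0.5):
    """Return {ip: (distinct_names, names_with_404)} for suspicious sources.

    A normal user touches one mail file; a source walking many distinct
    names, most of which do not exist, looks like username enumeration.
    """
    names = defaultdict(set)   # ip -> distinct mail file names requested
    misses = defaultdict(set)  # ip -> names that came back 404
    for line in lines:
        m = LOG_RE.match(line)
        mail = MAIL_RE.match(m.group("path")) if m else None
        if not mail:
            continue  # unparsable line or not a mail file request
        name = mail.group(1).lower()
        names[m.group("ip")].add(name)
        if m.group("status") == "404":
            misses[m.group("ip")].add(name)
    flagged = {}
    for ip, seen in names.items():
        missed = len(misses[ip])
        if len(seen) >= min_names and missed / len(seen) >= min_miss_ratio:
            flagged[ip] = (len(seen), missed)
    return flagged


# Constructed sample log lines (documentation IP ranges, made-up names).
SAMPLE = [
    '198.51.100.7 - - [30/Jan/2002:09:00:01 -0800] "GET /mail/jsmith.nsf HTTP/1.0" 200 2048',
    '198.51.100.7 - - [30/Jan/2002:09:00:05 -0800] "GET /mail/jsmith.nsf/$Inbox?OpenView HTTP/1.0" 200 5120',
] + [
    '192.0.2.10 - - [30/Jan/2002:09:01:%02d -0800] "GET /mail/%s.nsf HTTP/1.0" %s 512' % (i, n, s)
    for i, (n, s) in enumerate([("toto", "200"), ("u1", "404"), ("u2", "404"),
                                ("u3", "404"), ("u4", "404"), ("u5", "404")])
]

if __name__ == "__main__":
    for ip, (total, missed) in find_enumeration(SAMPLE).items():
        print(f"{ip}: {total} distinct mail files requested, {missed} returned 404")
```

The thresholds need tuning per site, since proxies and shared gateways can legitimately front many users from one address.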
Current thread:
- Enumerating users on a Domino webserver nicob (Jan 30)
- Re: Enumerating users on a Domino webserver Bruno Mosconi (Jan 30)
- <Possible follow-ups>
- RE: Enumerating users on a Domino webserver OBrien, Brennan (Jan 30)