WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: hydra and HTTP NTLM

From: Robin Wood <robin () digininja org>
Date: Fri, 25 May 2012 13:59:50 +0100
On 25 May 2012 13:52, Security Auditor <auditor.sec () gmail com> wrote:

Hi,
I would say use an interceptor proxy which can handle this stuff
easily. For example burp, ZAP or others.

I played with hydra on DVWA app and could not succeed at bruting.....

hope this helps


I don't know a way to get Burp to brute force NTLM, can ZAP do it? Any
instructions would be gratefully received.

Robin


cheers

Audi

On Wed, May 23, 2012 at 2:14 PM, Robin Wood <robin () digininja org> wrote:

Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying
to brute force a MS Front Page login which only asks for
authentication when the OPTIONS method is used as far as I can tell.

Robin



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------





This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: