WebApp Sec mailing list archives

Re: hydra and HTTP NTLM

From: Jamie Riden <jamie.riden () gmail com>
Date: Fri, 25 May 2012 08:55:23 +0100

On 23 May 2012 13:14, Robin Wood <robin () digininja org> wrote:

Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying
to brute force a MS Front Page login which only asks for
authentication when the OPTIONS method is used as far as I can tell.


Pathological case is to use something like ntlmaps -
http://ntlmaps.sourceforge.net/ - and script that. Would be slow but
it would be something.

Might be better to rip or amend the code though...

cheers,
 Jamie
-- 
Jamie Riden / jamie () honeynet org / jamie.riden () gmail com
http://uk.linkedin.com/in/jamieriden



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

Current thread:

RE: [Pauldotcom] hydra and HTTP NTLM, (continued)
- - - RE: [Pauldotcom] hydra and HTTP NTLM Navarro, Gregory J (May 25)
    - Re: [Pauldotcom] hydra and HTTP NTLM Robin Wood (May 25)
    - Message not available
    - Re: [Pauldotcom] hydra and HTTP NTLM Robin Wood (May 29)
    - Re: hydra and HTTP NTLM _ (May 24)
- Re: hydra and HTTP NTLM Seth Art (May 24)
  - RES: hydra and HTTP NTLM Fábio Soto (May 29)
- Re: hydra and HTTP NTLM Security Auditor (May 25)
  - Re: hydra and HTTP NTLM Robin Wood (May 25)
    - Re: hydra and HTTP NTLM Gary Oleary-Steele (May 29)
    - Re: hydra and HTTP NTLM Robin Wood (May 29)
- Re: hydra and HTTP NTLM Jamie Riden (May 25)
  - Re: hydra and HTTP NTLM Robin Wood (May 25)
- Re: hydra and HTTP NTLM Norma Snockers (May 25)