Re: brute-force with tsgrinder

From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Sat Aug 19 2006 - 04:55:39 EDT

• Next message: r@d: "Re: Citrix exploits?"
• Previous message: Jesse: "Order víagra from home - no doctors!! __ %junk"
• In reply to: nfanelli@empire.edu: "brute-force with tsgrinder"
• Next in thread: jetzmaru: "Re: brute-force with tsgrinder"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If the box is on the domain but you want to have TSGrinder BF against the
local account, then try specifying the local box name as the "domain" rather
than "local\Administrator" as the username. Just have usernames in the
worlist.txt file, not the domain/local box name, and try this:

Tsgrinder.exe -w wordlist.txt -d LocalBoxNameHere -b -n1 -D 8 192.168.x.x

That should do it for ya.. If not, contact me offline and I'll fix you up.

t

On 8/17/06 3:14 PM, "nfanelli@empire.edu" <nfanelli@empire.edu> spoketh to
all:

> For those of you who are familiar with TSGRINDER, I would appreciate your
> help.
>
>
> I having trouble compromising my remote machines. The target devices are on a
> domain. I have the username (Local\Administrator) and typed the current
> password into the dictionary file (Wordlist.txt). Then open a cmd-line,
> browse to my executable and type the following string:
>
>
> tsgrinder.exe -w wordlist.txt -b -n 1 -D 8 192.168.x.x
>
>
> A RDP session opens and attempts the passwords within my dictionary (the
> correct password is third down on my list) but when it trys the right password
> it responds with a "Failed"??
>
>
> I checked the local administrator account to verify it was not locked out.
> Not sure what else to try??
>
>
> Any help is appreciated!
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php
> ------------------------------------------------------------------------
>
>
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

• Next message: r@d: "Re: Citrix exploits?"
• Previous message: Jesse: "Order víagra from home - no doctors!! __ %junk"
• In reply to: nfanelli@empire.edu: "brute-force with tsgrinder"
• Next in thread: jetzmaru: "Re: brute-force with tsgrinder"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:46 EDT