From: Juan B (juanbabi@yahoo.com)
Date: Tue Oct 31 2006 - 18:27:33 EST
Hi,
I am conducting a pen test for a client of mine.
in his web server he is using basic authntication
(base 64)
I need to issue a brute force attack against his
authentication scheme.
I know that the users and password are all numbers.
foe example the user might be something as:
5486
and the password could be :
546846533
The users are limited to 4 numbers and the passwords
for 8 numbers.
How I can tell brutus or hydra to use only numbers in
the brute force?
Thanks very much !
Juan
____________________________________________________________________________________
Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates
(http://voice.yahoo.com)
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:15 EDT