[TOOL] THC-Hydra, a Parallel Login Hacker

From: support@securiteam.com
Date: 03/11/02 

From: support@securiteam.com
To: list@securiteam.com
Date: Mon, 11 Mar 2002 10:33:44 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  THC-Hydra, a Parallel Login Hacker
------------------------------------------------------------------------

DETAILS

Number one of the biggest security holes are passwords, as every password
security study shows. This tool is a proof of concept code, to give
researchers and security consultants the possibility to show how easy it
would be to gain unauthorized access from remote to a system.

THC-Hydra is the world's first parallel login hacker. With this tool, you
are able to attack several services at once (FTP, POP3, IMAP, Telnet, HTTP
Auth, NNTP, VNC, ICQ, PCNFS). Also included Socks5 and SSL support

ADDITIONAL INFORMATION

The tool can be downloaded from:
 <http://www.thehackerschoice.com/download.php?t=r&d=hydra-1.6.tar.gz>
http://www.thehackerschoice.com/download.php?t=r&d=hydra-1.6.tar.gz

The information has been provided by <mailto:vh@reptile.rug.ac.be> Van
Hauser / THC.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages

  • Re: OT: disabling APIs to prevent keystroke logging
    ... I have googled keylogging but there's a ton of info a mostly ads. ... I've dealt with security issues in my work as a software ... Researcher refutes Microsoft's account of hijacked Hotmail passwords ... passwords were obtained in a massive phishing attack. ...
    (alt.sys.pc-clone.dell)
  • RE: passwords in asp pages
    ... and using integrated security for connecting to the database- this will ... remove cleartext passwords from the files. ... grab the raw asp source from the server. ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
  • Re: Oh Dear, Where to start?!
    ... > sort of security solution? ... > use, passwords, physical security, backup/disaster ... > admin, network admin, tech support, programming, and ... Theres lots of software out there for backups. ...
    (Security-Basics)
  • Re: Final Year Project Brainstorming
    ... An interesting and always relevant topic is passwords. ... with a real-life scenario where Ubuntu's security is better than Vista ... The computers were very old so they were told they would have to ... Figure the cost of IT person for Vista vs ...
    (Ubuntu)
  • [NT] Webserver 4D Weak Password Preservation Vulnerability
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... complete Web Server environment written entirely on top of 4th Dimension, ... WS4D web server saves the passwords somewhere insecure. ...
    (Securiteam)