Re: Brute force .htpasswd
From: H D Moore (sflist@digitaloffense.net)Date: 11/27/01
- Previous message: D V: "Brute force .htpasswd"
- In reply to: D V: "Brute force .htpasswd"
- Next in thread: D V: "Re: Brute force .htpasswd"
- Reply: D V: "Re: Brute force .htpasswd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <20011126234952.13655.qmail@securityfocus.com> From: H D Moore <sflist@digitaloffense.net> To: D V <mysecurite@yahoo.fr>, pen-test@securityfocus.com Subject: Re: Brute force .htpasswd Date: Mon, 26 Nov 2001 17:49:48 -0600
MDCrack is one of the nicest MD5 brute forcers I have come across. You may
need to mangle the hashes a little bit to get mdcrack to accept them, but it
should do the trick. JTR is also very good at cracking md5 hashes, they have
in the correct format for it to recognize them though.
MDCrack:
http://mdcrack.multimania.com/nsindex2.html
On Monday 26 November 2001 07:35 am, D V wrote:
> Hi,
>
> I am looking for a program to brute force .htpasswd
> using MD5 encryption using by Apache on W32 platform.
> I am not looking for a prg like Brutus because I want
> to do a brute force attack off-line. Password cracker
> like John doesn't work against this type of MD5, it is
> working against MD5 using by Linux for example.
-- H D Moore http://www.digitaldefense.net - work http://www.digitaloffense.net - play---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
- Previous message: D V: "Brute force .htpasswd"
- In reply to: D V: "Brute force .htpasswd"
- Next in thread: D V: "Re: Brute force .htpasswd"
- Reply: D V: "Re: Brute force .htpasswd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
