Re: bruteforce attacks to GUI applications

From: ascii (ascii_at_katamail.com)
Date: 11/17/05

    Date: Thu, 17 Nov 2005 03:38:27 +0100
    To: security-basics@securityfocus.com
    
    

    m_r_welch@tiscali.co.uk wrote:
    > It doesn't look like that would be possible. See here:
    > http://expect.nist.gov/FAQ.html#q23

    it's not possible with expect but you can use other techniques

    i'm thinking about all my friends that lost their time playing
    RPG games like ultima etc (IMHO of course)

    when protocol hacking is not possible they use macro programs
    that move the mouse and simulate keyboard input

    some of these programs use 'complex' scripting languages (or at
    least you can write your own using your os apis) and support
    external bin output as value of vars

    the point is the cpu time required to perform an attack like this

    you can accomplish some trick like jumping the pointer to x,y instead
    of moving it

    when you try to brute force the shadow file you use john et similia:
    tools written in well-coded c that read the file, explode fields,
    use the right buffer len, use optimized algs etc

    think about brute forcing the same using passwd, isn't this silly?
    you have to exec an external bin, load shared libs, let expect
    input the password, parse the result

    i can assure you the process will take 100x the time, and now think about
    the overhead of gui applications: you have to start the application,
    jump the cursor, click/focus, simulate keyboard input (user name), jump
    the cursor, click/focus again, input the passwd acquired from the
    external bin, jump over the ok button and click

    i think this process will take forever and is suitable only for
    (not huge) dictionary attacks

