On 27 May 2012 09:44, Gary Oleary-Steele <[email protected]> wrote: > Robin, > > I have a ruby script for this somewhere, it's integrated with our scanner > system but I'll see if I can pull the code to use as standalone. If I were > you though I'd use python with urllib2, has ntlm support via an extension (or > "opener" as the are known), also ruby http libs support ntlm. The protocol > for frontpage is simple to replicate for what you need, I'll send u an > example on Monday.
Brilliant, thanks. Robin > > Gary > > Sent from my iPhone > > On 26 May 2012, at 01:04, "Robin Wood" <[email protected]> wrote: > >> On 25 May 2012 13:52, Security Auditor <[email protected]> wrote: >>> Hi, >>> I would say use an interceptor proxy which can handle this stuff >>> easily. For example burp, ZAP or others. >>> >>> I played with hydra on DVWA app and could not succeed at bruting..... >>> >>> hope this helps >> >> I don't know a way to get Burp to brute force NTLM, can ZAP do it? Any >> instructions would be gratefully received. >> >> Robin >> >>> cheers >>> >>> Audi >>> >>> On Wed, May 23, 2012 at 2:14 PM, Robin Wood <[email protected]> wrote: >>>> Anyone know how to use the new HTTP NTLM feature in Hydra? I'm trying >>>> to brute force a MS Front Page login which only asks for >>>> authentication when the OPTIONS method is used as far as I can tell. >>>> >>>> Robin >>>> >>>> >>>> >>>> This list is sponsored by Cenzic >>>> -------------------------------------- >>>> Let Us Hack You. Before Hackers Do! >>>> It's Finally Here - The Cenzic Website HealthCheck. FREE. >>>> Request Yours Now! >>>> http://www.cenzic.com/2009HClaunch_Securityfocus >>>> -------------------------------------- >>>> >> >> >> >> This list is sponsored by Cenzic >> -------------------------------------- >> Let Us Hack You. Before Hackers Do! >> It's Finally Here - The Cenzic Website HealthCheck. FREE. >> Request Yours Now! >> http://www.cenzic.com/2009HClaunch_Securityfocus >> -------------------------------------- >> > ##################################################################################### > Scanned by MailMarshal - M86 Security's comprehensive email content security > solution. > For details on purchasing MailMarshal or alternative Mail Security products > please > contact our Sales Team on 0113 257 8955 Option 1 > ##################################################################################### _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
