Password guessing attacks can be carried out manually or via automated tools.
Password guessing can be performed against all types of Web Authentication.
The common passwords used are:
root, administrator, admin, operator, demo, test, webmaster, backup, guest, trial, member, private, beta, [company_name] or [known_username]
Passwords are the principal means of authenticating users on the Web today. It is imperative that any Web site guard the passwords of its users carefully. This is especially important since users, when faced with many Web sites requiring passwords, tend to reuse passwords across sites. Compromise of a password completely compromises a user.
Another well-known form of attack is the hybrid attack. A hybrid attack adds numbers or symbols to a dictionary word to crack a password. Often people change their passwords by simply adding a number to the end of their current password. The pattern usually takes this form: first month password is "site"; second month password is "site2"; third month password is "site2"; and so on.
A brute force attack is the most comprehensive form of attack, though it may often take a long time to work depending on the complexity of the password. Some brute force attacks can take a week depending on the complexity of the password.
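A password-change check that rejects what the common-password list and the hybrid pattern above would guess. This is an added example, not code from the original page or from any tool it describes; the function names and the rule of stripping digits and symbols from both ends are assumptions made for illustration.

```python
import re

# Common guesses listed on this page; the bracketed entries ([company_name],
# [known_username]) are supplied per site through the arguments below.
COMMON = {"root", "administrator", "admin", "operator", "demo", "test",
          "webmaster", "backup", "guest", "trial", "member", "private", "beta"}

# Digits, symbols and underscores at either end: what a hybrid attack appends.
_AFFIX = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def base_word(password):
    """Lower-case the password and strip digits/symbols from both ends."""
    return _AFFIX.sub("", password.lower())


def reject_reason(new, old=None, username=None, company=None):
    """Return why `new` falls to a dictionary or hybrid guess, else None."""
    base = base_word(new)
    if not base:
        return None  # no word component; outside the scope of this check
    guesses = COMMON | {w.lower() for w in (username, company) if w}
    if base in guesses:
        return "common word with digits or symbols added"
    if old is not None and base == base_word(old):
        return "previous password with a changed suffix"
    return None
```

The check runs at password-change time, when the user has just supplied the old password in the same form, so no stored plaintext is needed.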
 WebCracker is a simple tool that takes text lists of usernames and passwords and uses them as dictionaries to implement Basic authentication password guessing.
WebCracker allows the user to test a restricted-access website by testing ID and password combinations on the web site. This program exploits a rather large hole in web site authentication methods. Password-protected websites may be easily brute-force hacked if there is no set limit on the number of times an incorrect password or user ID can be tried.
 It keys on "HTTP 302 Object Moved" response to indicate successful guess.
 It will find all successful username/password pairs given in the list.
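The traffic described above, a run of rejected attempts ending in a redirect or success, is visible in the web server's access log. The following detection sketch is an added example, not part of the original page or of WebCracker; the log lines are constructed, and the threshold and window values are assumptions to tune per site.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in Common Log Format (documentation addresses, RFC 5737).
SAMPLE_LOG = """\
198.51.100.7 - admin [10/Mar/2024:09:00:01 +0000] "GET /members/ HTTP/1.1" 401 381
198.51.100.7 - admin [10/Mar/2024:09:00:02 +0000] "GET /members/ HTTP/1.1" 401 381
198.51.100.7 - admin [10/Mar/2024:09:00:03 +0000] "GET /members/ HTTP/1.1" 401 381
198.51.100.7 - admin [10/Mar/2024:09:00:04 +0000] "GET /members/ HTTP/1.1" 401 381
198.51.100.7 - admin [10/Mar/2024:09:00:05 +0000] "GET /members/ HTTP/1.1" 401 381
198.51.100.7 - admin [10/Mar/2024:09:00:06 +0000] "GET /members/ HTTP/1.1" 401 381
198.51.100.7 - admin [10/Mar/2024:09:00:07 +0000] "GET /members/ HTTP/1.1" 302 -
203.0.113.20 - alice [10/Mar/2024:09:05:00 +0000] "GET /members/ HTTP/1.1" 401 381
203.0.113.20 - alice [10/Mar/2024:09:05:09 +0000] "GET /members/ HTTP/1.1" 200 5120
"""

LINE = re.compile(r'(\S+) \S+ (\S+) \[([^\]]+)\] "[^"]*" (\d{3}) \S+')


def parse(log):
    """Yield (client, user, timestamp, status) for each well-formed line."""
    for m in map(LINE.match, log.splitlines()):
        if m:
            ip, user, ts, status = m.groups()
            yield ip, user, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), int(status)


def find_guessing(log, threshold=5, window=timedelta(minutes=1)):
    """Flag clients that sent `threshold` or more 401s within `window`.

    Returns {client: {"failures": n, "hit": user or None}}; "hit" is the account
    that got a 2xx/3xx answer after the burst, i.e. a likely successful guess.
    """
    recent = defaultdict(list)  # client -> timestamps of its recent 401s
    alerts = {}
    for ip, user, ts, status in parse(log):
        if status == 401:
            recent[ip] = [t for t in recent[ip] if ts - t <= window] + [ts]
            if len(recent[ip]) >= threshold:
                alert = alerts.setdefault(ip, {"failures": 0, "hit": None})
                alert["failures"] = max(alert["failures"], len(recent[ip]))
        elif ip in alerts and user != "-" and 200 <= status < 400:
            alerts[ip]["hit"] = alerts[ip]["hit"] or user
    return alerts
```

An alert with a non-empty "hit" is the case to escalate first: the account named there should have its password reset and its sessions revoked.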
 Brutus is a generic password guessing tool that cracks various types of authentication.
 Brutus can perform both dictionary attacks and brute-force attacks where passwords are randomly generated from a given character set.
 Brutus can crack the following authentication types:
 HTTP (Basic authentication, HTML Form/CGI); POP3; FTP; SMB; Telnet
 
Brutus is an online or remote password cracker. More specifically, it is a remote interactive authentication agent. Brutus is used to recover valid access tokens (usually a username and password) for a given target system. Examples of a supported target system might be an FTP server, a password-protected web page, a router console, a POP3 server, etc. It is used primarily in two ways:
Brutus does very weak target verification before starting; in fact, all it does is connect to the target on the specified port. In the context of Brutus, the target usually provides a service that allows a remote client to authenticate against the target using client-supplied credentials. The user can define the structure of any given HTML form to Brutus. This will include the various form fields, any cookies to be submitted in requests, the HTTP referrer field to send (if any) and of course the authentication response strings that Brutus uses to determine the outcome of an authentication attempt.
If Brutus can successfully read the forms of the fetched HTML page, then each form will be interpreted and the relevant fields for each form will be displayed. Any cookies received during the request will also be logged here. Brutus handles each authentication attempt as a series of stages. As each stage is completed, the authentication attempt progresses until either a positive or negative authentication result is returned, at which point Brutus can either disconnect and retry or loop back to some stage within the authentication sequence.
 ObiWan is a powerful Web password cracking tool. It can work through a proxy.
 ObiWan uses wordlists and alternations of numeric or alphanumeric characters as possible passwords.
 Since Webservers allow unlimited requests it is a question of time and bandwidth to break into a server system.
ObiWaN stands for "Operation burning insecure Web server against Netscape". It is called Project 2086 now, after 2068, the number of the RFC which describes the HTTP/1.1 protocol. 11.1 is the section which describes the basic authentication scheme. This is the most widely used authentication scheme for web servers and the one used by ObiWaN.
Web servers with a simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. Every user with an HTTP connection to a host with basic authentication can try username-password combinations for as long as he or she likes. This allows the attacker to prod the system as long as he wants to.
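The lockout and delay control that the paragraph above says is missing can be put in front of the credential check by the application. This is an added example, not code from the original page or from any web server; the class name, method names and default limits are assumptions.

```python
import time


class LoginThrottle:
    """Failed-login limiter: lock a key after repeated failures, doubling each time."""

    def __init__(self, max_failures=5, window=300, base_lockout=60, max_lockout=3600):
        self.max_failures = max_failures  # failures tolerated inside `window`
        self.window = window              # seconds over which failures are counted
        self.base_lockout = base_lockout  # first lockout, in seconds
        self.max_lockout = max_lockout    # cap for the doubled lockouts
        self._state = {}                  # key -> failures, strikes, locked_until

    def retry_after(self, key, now=None):
        """Seconds to wait before `key` may be tried again (0 means allowed).

        Call this before checking the password; while it is non-zero, reject
        the request without evaluating the supplied credentials at all.
        """
        now = time.time() if now is None else now
        st = self._state.get(key)
        return max(0, st["locked_until"] - now) if st else 0

    def record(self, key, success, now=None):
        """Record the outcome of an allowed attempt; return the lockout it caused."""
        now = time.time() if now is None else now
        if success:
            self._state.pop(key, None)  # a valid login clears the history
            return 0
        st = self._state.setdefault(key, {"fails": [], "strikes": 0, "locked_until": 0})
        st["fails"] = [t for t in st["fails"] if now - t < self.window] + [now]
        if len(st["fails"]) < self.max_failures:
            return 0
        lockout = min(self.base_lockout * 2 ** st["strikes"], self.max_lockout)
        st["strikes"] += 1
        st["fails"] = []
        st["locked_until"] = now + lockout
        return lockout
```

Keying on the account name alone lets anyone lock a known user out, so the key is usually the (account, source address) pair, with a second instance keyed on the address alone to limit guessing across many accounts.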
Like other programs for UNIX system passwords (crack) or NT passwords (L0phtCrack), ObiWaN uses wordlists and alternations of numeric or alphanumeric characters as possible passwords. Since web servers allow unlimited requests, it is a question of time and bandwidth to break into a server system. The first way is to run ObiWaN more than once. The following example tries to crack username eccouncil on the intranet.
./ObiWaN -h intranet -a eccouncil -w list.txt
To run it with alphanumeric variation with a depth of 2:
./ObiWaN -h intranet -a eccouncil -w list.txt -A 2
To run it in brute force loop mode:
./ObiWaN -h intranet -a eccouncil -w list.txt -b 6 -B 8
Munga Bunga's HTTP Brute Forcer is a utility utilizing the HTTP protocol to brute force into any login mechanism/system that requires a username and password, on a web page (or HTML form). To recap: a password usually only contains letters. In such a case the number of characters in the charset is 26 or 52, depending on whether one letter case or both are used. Some systems (Windows, for example) don't make any difference between lower-case and upper-case letters. With an 8-character password the difference would amount to 256 times, which is really significant.
The brute force method can sometimes be very effective when it is combined with the functionality of the program. Munga Bunga is a tool which can be used for breaking into emails, affiliate programs, web sites, any web based accounts, launching DoS attacks, flooding emails, flooding forms, flooding databases and much more; though DoS attacks and flooding activity are not supported or documented in the documentation. Apart from this, the attacker can write definition files. These are files ending in the .def extension, and contain information about a particular server, and the data to submit to it. They are used to extend the power and capability of the program, based on the user's own definitions. The software comes bundled with some definition
The tool claims to be capable of brute forcing anything that can be entered via an HTML form with a password and username. The attack methodology goes as follows: the attacker uses a password file in order for the program to attempt to enter the account(s) with the specified passwords. In addition, he can write a definition file for the form he wants to crack into.
Passlist is another character-based password generator.
Passlist is a character-based password generator that implements a small routine which automates the task of creating a "passlist.txt" file for any brute force tool. The program does not require much information to work. The tool allows the user to specify the generation of passwords based on any given parameter. For instance, if the user knows that the target system's password starts with a particular phrase or number, he can specify this. This makes the list more meaningful to the user and easier for the brute forcer. He can also specify the length required such as the maximum number of random characters per password, apart from the maximum number of random
A partial list is given below.
 Refiner is used to generate a wordlist containing all possible combinations of a partial password, which an attacker may have obtained by other means. Refiner will then generate a text file containing all possible combinations.
 WeirdWordz allows the user to just select an input file and as an output file, makes all sorts of combinations of the lines/words in the input file.
 Raptor 1.4.6 - creates words using many different filters from html files to create a wordlist.
 PASS-PARSE V1.2 - Pass-parse will take any file and turn all the words into a standard type password list, while stripping anything that's not alphanumeric. The main idea behind it is that while trying to crack the password of a personal website, the password may appear on the site when the person describes their interests. This will parse through an html file and create a list of words from that page to try as passwords.
 
nice!!!! nice!!!! Nice!!!! I love dis