<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d13148410\x26blogName\x3dYou+Look+Like+I+Need+a+Drink\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://chalkline.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://chalkline.blogspot.com/\x26vt\x3d6309081622733023818', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

You Look Like I Need a Drink

**Not Quite Web 2.0**

Brutus...

Wednesday, July 13, 2005



I have recently been receiving emails about a few of the programs that I listed when covering some network security tools (to put it bluntly, tools for hacking) and I hate to reference myself so after you read this, open up another tab on browser here: www.insecure.org/tools.html. This is a great listing (albeit slightly outdated) but you get a great idea of tools for different operating systems. Because I need to prepare for my trip to Boston, I will only briefly cover Brutus today. Their site www.hoobie.net/brutus/ functions but may not load everything. Once you open the exe file you notice a nice GUI with a number of different functions. You will notice that under 'target,' you must enter the site you are auditing set to port 80. If you have not already figured it, Brutus is a remote online password cracker (via brute force-hence the name). It even has a list built in to reference for users and passwords but if you want to get a little more in depth, google wordlists and use them with Brutus. You may find that your target is more into science. That would be a clear indication to find a science wordlist. Anyone can use google to search for things but when you add strings like 'allinurl' or 'intitle' with your searches you can greatly narrow things down for an easier search. The same goes with password cracking. If you can narrow down a search, by all means save some time and energy. Now moving on I am assuming that you are trying to get into a pr0n site which means you will want to keep your 'type' box as HTTP (Basic Auth). Note that if the site is running PHP, Brutus will not work--or at least I have never had any luck or heard of anyone that has (let me know if I am wrong). Before you hit the 'start' button you may want to proxy your connection for the sake of anonymity. Google up a list of proxies and find one that is fast. If you are wardriving and will never be on this network again, you won't have to proxy (and Brutus will probably run faster anyway) but then again, if you are wardriving and know what you are doing, you probably don't need to be reading this post! Connections and Timeouts are something you will have to learn and adjust on your own as it depends on your connection speed. Stick with the default and make adjustments as necessary. If you are ready, go ahead and hit 'start' to get cracking. EXPECT to wait awhile. If I have forgotten to mention something, sorry. I have some other things that I am pre-occupied with. Also, I have not used Brutus in quite some time. Just remember that there are websites that you visit that keep logs and if the sysadmin decides to check them, you could easily lose your access to the net as well as getting raped by a big gorilla of a man in jail named Bubba. Hack smart and I didn't tell you to do shit...

~aL

Labels:

posted by aL, 9:28 PM

1 Comments:

What does "Throttle" mean? and the other indicators along the bottom right with it?
commented by Anonymous Mr. MMD, 4:04 PM  

Add a comment