Re: Pentesting Openmail Web login

To:	s-williams@nyc.rr.com
Subject:	Re: Pentesting Openmail Web login
From:	Brent Wolfram <brent.wolfram@gmail.com>
Date:	Wed, 23 May 2007 21:51:10 -0400
Cc:	"pen-test@securityfocus.com" <pen-test@securityfocus.com>
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Dkim-signature:	a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=XJWlitljV5JWRBtaebhzIXWu6MhdJRyEgK4wtDPx2y56nP/bUy0DcDcLHRyOf4SKmwEZYnUiGiSyXS408Tu43CfuKbvQeYy7rnTM/JzSLzS20REdXBP668bA43mtLQjIhXMhG9ePOpPUdKb2Fiq7zL2pEPpUXovEgLuKNsczYKw=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=ERFdsFYr7z79/GIVake1tpSrvpjEA2JKQ+uEZuIUI7JezxZMJbSBi4rLcRVWG97uuLlvPpcuGcIHqdjIY36srOMukTvjB0T7P0wzXGak5bhu18dI1GF+dxiB3J5xjoG5SUBJ6NsiPabx84HyxWfQb+Rb5oLWRkxWjx51FfZ8bvU=
In-reply-to:	<679373278-1179969881-cardhu_blackberry.rim.net-1262565111-@bxe047-cell01.bisx.prod.on.blackberry>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<679373278-1179969881-cardhu_blackberry.rim.net-1262565111-@bxe047-cell01.bisx.prod.on.blackberry>
Resent-date:	Wed, 23 May 2007 20:30:11 -0600 (MDT)
Resent-from:	pen-test-return-1078484239@securityfocus.com
Resent-message-id:	<20070524023011.9A77414437C@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com
User-agent:	Thunderbird 1.5.0.10 (X11/20070302)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


It is not clear what you are asking for, but I will guess you are
looking for a tool to perform brute-force attack against an html form
based login screen.  If that is the case, take a look at Brutus or
C-Force.  THC-Hydra apparently does form based as well, but never tried
it for that.


s-williams@nyc.rr.com wrote:
> Anyone have a good tool in mine?
> ------Original Message------
> To: listbounce@securityfocus.com
> To: pen-test@securityfocus.com
> Sent: May 23, 2007 12:01 PM
> Subject: Pentesting Openmail Web login
> 
> I am task with testing user accounts on our mail system. We currently have 
> two systems Exchange, and OpenMail for Linux which is on the DMZ. We are 
> interested in finding out how easy it might be for someone to guess the 
> password of one or our users account.
> 
> And if the are sucessful what can the do on the linux box, with that username 
> and password.
> 
> We have a main site with a link to the webmail system from there, ifi want to 
> test this which tool might be the best for doing this since its a link and 
> not the main page?
> 
> Thanks in advance
> 
> "A wise man ask questions, a fool is afraid of knowledge"  
> 
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
> 
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
> 
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFGVO+OUyOxvUG0pAsRAixLAKCeozYgD9uzVfQ9XD+L5ozWswb/6QCfeRGh
JRFzjOFQX6itEj0edsT8yhE=
=ejNI
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Pentesting Openmail Web login, s-williams Re: Pentesting Openmail Web login, Rodrigo Montoro (Sp0oKeR) Re: Pentesting Openmail Web login, s-williams Re: Pentesting Openmail Web login, Brent Wolfram <= Re: Pentesting Openmail Web login, Tremaine Lea Re: Pentesting Openmail Web login, sherwyn . williams RE: Pentesting Openmail Web login, Clemens, Dan RE: Pentesting Openmail Web login, Marco Ivaldi Re: Pentesting Openmail Web login, Bojan Zdrnja Re: Pentesting Openmail Web login, pagvac Re: Pentesting Openmail Web login, rajat swarup

Previous by Date:	Re: Pentesting Openmail Web login, s-williams
Next by Date:	Re: Pentesting Openmail Web login, Tremaine Lea
Previous by Thread:	Re: Pentesting Openmail Web login, s-williams
Next by Thread:	Re: Pentesting Openmail Web login, Tremaine Lea
Indexes:	[Date] [Thread] [Top] [All Lists]