[9638] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

ISS Internet Scanner Brute Force Bug

daemon@ATHENA.MIT.EDU (alexander tampermeier)
Thu Feb 18 16:40:16 1999

Date: 	Wed, 17 Feb 1999 23:54:11 PST
Reply-To: alexander tampermeier <alex_tampermeier@HOTMAIL.COM>
From: alexander tampermeier <alex_tampermeier@HOTMAIL.COM>
To: BUGTRAQ@NETSPACE.ORG

The Internet Scanner lets you brute force by using username/password
pairs specified in the file default.login. I specified a known
username/password pair but the scanner could not login.
The reason is that the Internet Scanner needs a carriage return after
the last username/password pair. If it finds just an EOF marker then the
password gets modified by adding an additional character.
For example the password test is modified to testo.

Alexander

alex_tampermeier@hotmail.com

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[9638] in bugtraq

ISS Internet Scanner Brute Force Bug

daemon@ATHENA.MIT.EDU (alexander tampermeier)Thu Feb 18 16:40:16 1999

daemon@ATHENA.MIT.EDU (alexander tampermeier)
Thu Feb 18 16:40:16 1999