InfoSec Institute's blog

Online Dictionary Attack w/ Hydra

Introduction

When an attacker wants to learn credentials for an online system, he can use brute force or a dictionary attack. This article introduces these two types of attack and explains how to launch an online dictionary attack using Hydra.

Brute Force vs. Dictionary Attack

An attacker can try every possible password combination (brute force approach). The advantage is guaranteed success in finding the right password. The drawback is that it is a very time-consuming process.

A typical user is probably frustrated by password best practices and uses a pattern for the password (for example, a common word with a digit appended at the end). The attacker can then build a set of common words concatenated with a digit (an example pattern in the dictionary) and try every combination from this set. This approach (dictionary attack) can save the attacker time, because he doesn't have to brute-force the whole key space. The disadvantage is that there is no guarantee that the right password will be found. However, the probability of hitting the right password is quite good, taking into account the passwords people often choose.

Environment

Hydra is described as a network logon cracker that supports many services. This article explains how to use Hydra to launch an online dictionary attack against FTP and a web form.

Metasploitable is a Linux-based virtual machine that is intentionally vulnerable. It can be used, for example, to practice penetration testing skills. Please remember that this machine is vulnerable and should not operate in bridge mode.

Cross Site Scripting with ChEF

Introduction

In this article I am going to explain how you can use a Cross-Site Scripting (XSS) vulnerability and how to exploit it in order to cause massive damage. Nah - I am just kidding! This article will be a short introduction to JavaScript and how an XSS vulnerability could appear.

XSS is short for Cross-Site Scripting, but you might ask why the abbreviation is not CSS instead. That's because CSS is already used for Cascading Style Sheets, a pre-existing language for defining styles for web pages, so using XSS prevents confusion.

XSS is one of the most popular vulnerabilities today, so it is important to learn how to prevent it. To illustrate, I found an interesting article that describes what kind of damage XSS could do to users and to a web site. The following link shows some examples of what an attacker could do with an XSS vulnerability: http://codeprofilers.com/tl_files/codeprofiler/pdf/cross_site_scripting_impact.pdf.

The following is a brief list of the potential damage that can be caused by XSS attacks:

stealing and continuing the session of the (authenticated) victim

manipulating files on the victim's computer or the network she has access to

recording all keystrokes the victim makes in a Web application and sending them to the hacker

stealing files from the attacked user's computer or the network she has access to

probing a company's intranet (where the victim is located) for further vulnerabilities

launching other attacks against systems the victim can reach with her browser (on the Intranet)

performing brute force password cracking through the attacked user's compromised browser
