lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 13 Nov 2010 22:36:09 +0200
From: nix@...roxylists.com
To: "phocean" <news@...cean.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: NiX - Linux Brute Forcer (the beast) has been
 released!]]

> Le vendredi 12 novembre 2010 à 21:47 +0200, nix@...roxylists.com a
> écrit :
>> Where is for example FORM auto-detection for those
>> other tools? Where is SOCKS4 proxy support? Where is proxy
>> randomization?
>> Where is logic to drop dead proxies? Where is logic for
>> fake-detection?
>
> Then, you should have started by that, it is that simple.
> We are all busy and you can't expect anyone to even have a look on your
> tool or link if you don't highlight how different it is from others or
> why you did it.
>
> As far as I am concerned, these features may be nice, but I don't need
> them and will stick to Medusa for the brute force tests I run from time
> to time (ie not often, a few times a year at most).
> But, to make it clear, it is just my personal opinion, I am not saying
> that your tool is not interesting or useless.
>
>

I just gave a test-run for Hydra against my own site and noticed:

It does support only single proxy, any site that has even a bit protection
will defeat it. NiX does support HTTP/SOCKS4/SOCKS5 (as much as you have
working proxies) with randomization etc. This is significant advantage
over any other tool.

I have worked 1.5 months constantly on NiX, after i have had a little
break. I will implement support for other major protocols which is now
really easy after having otherwise working engine.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ