Quote:
Originally posted by Baal
Quite true. Thus, only someone with a successful login can know exactly the HTML that will be returned by a successful login. With some creative scripting, I can make sure that each valid account gets a unique yet perfectly valid looking "main" page after login. Since each account thus has its own unique "main" page that is created with a credit card, testing crack attempts by returning those rotated unique looking pages (but non-functional since I'm tracking a bogus login behind the scenes), I can track the crack attempt by credit card number (any bogus name/pass that is used in that attempt is in my database... if it's used again, we have a hit by a cracker who thought it was valid). How many links deep do you want to test for? Depends on how long you want your proxy to stay up, and how big my database is
BTW, why did you think that the original post's solution, returning HTML, would only fool a browser and not a script? Same thing to both of them (bogus login is an error and is obvious to both).
BTW2, It sounded like you mainly exploited security flaws to gain root, not cracking to get user/pass. Personally, I'm more worried about those security flaws than massive proxy crack attacks.
Very good point indeed... another way would be to assign cookies to someone that has a legit password... but then again there is a program (not used by many due to the lack of need) that will find out what the cookie needs to be and fool the server... but since so few servers use this method... this cracking method is not well known....
Kyree
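
The decoy-login bookkeeping described in the quoted post, sketched as an added example that is not code from either poster: a failed login gets a decoy page, the bogus name/pass pair is recorded, and a later reuse of the same pair is logged as a hit. The class name, the account data, the server key and the number of decoy variants are all assumptions made for the illustration.

```python
import hashlib
import hmac

# Constructed demo data; a real site would check its own user store and
# compare password hashes rather than plaintext.
VALID_ACCOUNTS = {"alice": "correct-horse", "bob": "tr0ub4dor"}
SERVER_KEY = b"constructed-demo-key"  # assumption: a per-site secret
DECOY_VARIANTS = 16                   # assumption: number of decoy page templates


class DecoyLoginTracker:
    def __init__(self, accounts, key, variants=DECOY_VARIANTS):
        self.accounts, self.key, self.variants = accounts, key, variants
        self.decoys = {}  # fingerprint of bogus pair -> sources that submitted it
        self.hits = []    # (username, first_source, reuse_source)

    def _fingerprint(self, user, password):
        # Keyed hash: failed logins include typos of real passwords, so the
        # submitted pair is never stored in the clear.
        msg = user.encode() + b"\x00" + password.encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def login(self, user, password, source):
        """Return ("real", None) or ("decoy", variant_index)."""
        expected = self.accounts.get(user)
        if expected is not None and hmac.compare_digest(
                expected.encode(), password.encode()):
            return ("real", None)
        fp = self._fingerprint(user, password)
        seen = self.decoys.setdefault(fp, [])
        if seen:
            # Same bogus pair again: the client treated the decoy as a success.
            self.hits.append((user, seen[0], source))
        seen.append(source)
        # Derive the variant from the fingerprint so a replayed pair always
        # gets the same decoy page.
        return ("decoy", int(fp[:8], 16) % self.variants)


if __name__ == "__main__":
    t = DecoyLoginTracker(VALID_ACCOUNTS, SERVER_KEY)
    for attempt in [("alice", "correct-horse", "192.0.2.10"),
                    ("mallory", "guess1", "203.0.113.5"),
                    ("mallory", "guess1", "198.51.100.7")]:
        print(attempt[0], t.login(*attempt))
    print("hits:", t.hits)
```

A legitimate user who repeats the same typo also lands in `hits`, so each entry is a lead to review rather than proof of a cracking attempt.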