Tag Archives: guess

Nmap oracle-sid-brute v0.2 released

I have created a new Nmap script that attempts to determine valid Oracle instance names by guessing names from a dictionary against the TNS-listener. It’s available, together with my other scripts, from the nmap scripts page.

Continue reading

Cracking SIP with John the Ripper

I just finished a patch against Romain Raboin’s HTTP Digest authentication patch for John the Ripper. Romain’s patch is also included in the jumbo patch available from the John the Ripper main page. The patch I made is very small and simply checks if the Quality of Protection (qop) parameter was supplied in the input or not. If it’s not it makes the appropriate changes so that the response is computed per the simpler RFC 2069 standard instead.

Continue reading