Some common passwords used are: root, admin, administrator, guest, backup operator, password, demo, test, webmaster, public, private, member and trial.
Tools called Webcracker takes a dictionary attack to attempt to login.
Brutus is another tool that use Brute Force and dictionary.
You can make your own called a Dictionary Maker that have most of all the common passwords used. Ignyte Software - Lexington Kentucky Software Solutions / Application Development Company serving Lexington, Danville, Campbellsville, Bowling Green, Frankfort, Louisville, Florence, Newport, and other cities in Kentucky
You can also intercept a query string. An example below:
http://www.testsite.com/mail.asp?mailbox=ken&company=testsite com
and change that too:
http://www.testsite.com/mail.asp?mailbox=kristy&company=testsite com
Another tool is called cookie spy SE
Readcookies.html
Snadboy will read those password text fields that normally display an asterisk only. Open Snadboy and then open myspace and put your credentials in but dont login yet. Now take the cursor in snadboy and position it over the password box that contains the asterisks which is your password. Now look at snadboy and you will see your password. This tool is good to use if you have someone that uses the autocomplete feature or any other autofill programs. Even thou your passwords are in the protected storage section on your harddrive, this tool will reveal them. This even works on windows user account that are password protected. So if you forgot your password or want to get in to someone elses account on yours or their computer, use this tool.
Tools called Webcracker takes a dictionary attack to attempt to login.
Brutus is another tool that use Brute Force and dictionary.
You can make your own called a Dictionary Maker that have most of all the common passwords used. Ignyte Software - Lexington Kentucky Software Solutions / Application Development Company serving Lexington, Danville, Campbellsville, Bowling Green, Frankfort, Louisville, Florence, Newport, and other cities in Kentucky
You can also intercept a query string. An example below:
http://www.testsite.com/mail.asp?mailbox=ken&company=testsite com
and change that too:
http://www.testsite.com/mail.asp?mailbox=kristy&company=testsite com
Another tool is called cookie spy SE
Readcookies.html
Snadboy will read those password text fields that normally display an asterisk only. Open Snadboy and then open myspace and put your credentials in but dont login yet. Now take the cursor in snadboy and position it over the password box that contains the asterisks which is your password. Now look at snadboy and you will see your password. This tool is good to use if you have someone that uses the autocomplete feature or any other autofill programs. Even thou your passwords are in the protected storage section on your harddrive, this tool will reveal them. This even works on windows user account that are password protected. So if you forgot your password or want to get in to someone elses account on yours or their computer, use this tool.
