April 27th, 2004, 04:17 PM
Where to get "enum+" (NetBIOS Brute Force tool)
I need to get my hands on a fast netbios brute forcer that does not need a dictionary (non-english language, can't find appropriate dictionary). I have read that there is a modification of the dictionary attack program ENUM, called ENUM+ that will run a standard brute force trying all combinations of letters.
I am in a LAN with my brother's computer (the target) so the tool can run very quickly if it could just support the bandwidth (1 gigabit/sec). I have seen the speed at which ENUM can try passwords from a dictionary, and that is why I am now trying to get my hands on ENUM+.
However, ENUM+ seems to be hard to find, and the only link I DID find (on google) was dead. So.. Can anyone help me out?
April 27th, 2004, 04:32 PM
A brute forcer never needs a dictionary.
There are several ways to crack a password:
a) dictionary attack using a list with "known" passwords,
b) brute force (try all posibilities)
c) hybrid (dictionary+ some random characters).
But I digress....
Taken from the third hit on google
Edit: I'm probably getting the same result as you: 500 Server error.
Why not try other tools? There must be a zillion netbios brute forcers out there.
Experience is something you don't get until just after you need it.
April 27th, 2004, 05:21 PM
that's the same link i found.
it's as dead as they come.
i would gladly use another brute forcer, but I have tried a lot, and nothing seems to work well.
Brutus has one, but it just gives me netbios error 0 or something, that a lot of people have problems with, and then quit. it did that on my old win2k install on my old machine too.
A whole bunch of brute forcers are not what they claim to be and require a dictionary. Some have the option to add a few numbers to the dictionary entries. That doesn't crack my brothers password.
PwlTool has a brute forcer that works, but no matter the bandwidth (which is still 1 gigabit/sec) it tries only 35 passwords a second and displays a little over 2000 years of time left. That is not acceptable. The tool's readme admits it's slow, and says the netbios cracking part is just in there for "educational use".
This is what leads me to believe that ENUM+ is the best choice, given the speed the regular version can try passwords for a dictionary and the fact that creating these passwords on the run shouldn't be a problem for my brand new machine.
However, if you have a suggestion for another brute forcer that can do the job, feel free to step forward with it.
If anyone in this forum happen to have or know a working link to ENUM+, please give it to me.