
Thread: Best NetBIOS brute forcing tool?

  1. #11
    He has just closed all other services. We are both behind the same server, that is running a firewall for us.

    I am using WinXP on my stationary machine and Linux on my laptop, same as him. Brute forcing from the laptop would probably be slower, though, since it only has a 100 mbit network card.

    Since everyone is suggesting that I create scripts to do the brute forcing... Does that mean that a reasonably fast brute forcer for NetBIOS is not currently available to the "public"?

    I still believe ENUM+ is the solution to my problems. I believe I have already mentioned the speed at which the ordinary ENUM version (which is the only one I can actually find a living link to) could test passwords from a dictionary. ENUM+ should be able to do the same, only it has a built-in password generator for brute forcing.

  2. #12
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    If he closed off other services, try looking for an exploit or recent vulnerability in his firewall. Since you both have the same one, study yours extensively and research some vulnerabilities in it.
    Space For Rent.. =]

  3. #13
    no, you misunderstood my point. he has JUST disabled the services. as I said previously, we are BOTH in a lan behind the SAME computer that acts as our firewall and really has nothing to do with the issue at all.

    why can't anyone just suggest a good netbios brute forcing tool or throw me a link to enum+?

  4. #14
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Originally posted here by -[PM.gothtec]-

    why can't anyone just suggest a good netbios brute forcing tool or throw me a link to enum+?
    Because we don't know if you are messing around on your LAN or someone else's.
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  5. #15


    there really isn't a way for me to prove that, is there?
    should I send you a picture of my brother's computer?
    an nmap scan?
    everything I can think of could easily be faked.

    come on. please just help me!
    i am so tired of staring at google trying different search phrases and finding either dead links to enum+ or other brute forcers that don't do their job (they require dictionaries or test like 20 passwords a second).

  6. #16
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Gothtec: What you seem to be misunderstanding here is that your brother has clearly beaten you. Yes, someone could get into his computer eventually.... But look how much time and effort you have expended to date..... and you have got _nowhere_..... You also understand that if you were to find a "good" network brute forcer it's still going to take a long, long time to get anywhere. Now, other than the satisfaction of "beating" your brother, look at this from another point of view, a truly malicious cracker. It's simple economics really, does the prize justify the expenditure in time and effort if you "win"? Since there appears to be no tangible prize your brother has maintained his security since anyone else would have given up by now and moved on to a target that the "prize" can be gained with a more reasonable expenditure. Remember also that you are getting an unfirewalled view of his box..... An outsider has the firewall to breach too.......

    Congratulate your brother for me..... and then take a careful look to make sure he doesn't own your computers.......
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  7. #17
    you make a lot of good points there. however, i have only got that one brother, and moving on to "a target that the 'prize' can be gained with a more reasonable expenditure" is thus not an option, unless i really intended to start hacking others.

    i am not one for giving up. it has been suggested here that I create my own scripts, and I have actually tried to do so, only to find out that I don't know how to combine my password generator with the password test script and that even if I did, it would only test one password at a time, which would probably give it roughly the speed of PwlTool, or even less.

    when it comes to owning my computers, we actually have a little war going. it all started by him crashing an old win98 machine of mine that was just standing there peacefully downloading a few mp3s on kazaa. that got it all running and I do not want to give up yet.

    i really gotta find enum+, but I feel i've tried just about everywhere
    if any of you guys have it, please let me know so i can nag you until you give it to me

  8. #18
    Senior Member
    Join Date
    Apr 2004
    Posts
    157
    I hope you are not gonna be destructive to anyone else or even your brother, but if you guys are sitting behind a HUB there is a software that can sniff up pretty much anything and also brute force passwords very quickly.

    Since TechTV already went out publicly with this nasty little program I guess it won't hurt to mention it: Cain & Abel

    I actually use it to make sure I don't have things passing through the networks in clear text and/or to make sure I don't have spyware connecting to remote places and stuff...
    Very handy anti-hack tool... but could be used very destructively too in the wrong hands...

    Since "everybody" already knows about it, everybody should use it to prevent hacking...!

  9. #19
    i have already found that one..
    not entirely sure i remember why i didn't use it, but I think it was that the true brute forcing was dictionary based and the other password method (the very quick one) is the one that relies on a security hole in win95/98/nt

  10. #20
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Originally posted here by -[PM.gothtec]-
    i have already found that one..
    not entirely sure i remember why i didn't use it, but I think it was that the true brute forcing was dictionary based and the other password method (the very quick one) is the one that relies on a security hole in win95/98/nt
    Why do you care if the brute forcing was dictionary based? Doesn't that make the attempt at breaking the password faster?
