Discussion:
NiX - Linux Brute Forcer (the beast) has been released!]]
(too old to reply)
n***@myproxylists.com
2010-11-13 20:36:09 UTC
Permalink
Where is for example FORM auto-detection for those
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should have started by that, it is that simple.
We are all busy and you can't expect anyone to even have a look on your
tool or link if you don't highlight how different it is from others or
why you did it.
As far as I am concerned, these features may be nice, but I don't need
them and will stick to Medusa for the brute force tests I run from time
to time (ie not often, a few times a year at most).
But, to make it clear, it is just my personal opinion, I am not saying
that your tool is not interesting or useless.
I just gave a test-run for Hydra against my own site and noticed:

It does support only single proxy, any site that has even a bit protection
will defeat it. NiX does support HTTP/SOCKS4/SOCKS5 (as much as you have
working proxies) with randomization etc. This is significant advantage
over any other tool.

I have worked 1.5 months constantly on NiX, after i have had a little
break. I will implement support for other major protocols which is now
really easy after having otherwise working engine.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
n***@myproxylists.com
2010-11-13 20:14:23 UTC
Permalink
Where is for example FORM auto-detection for those
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should have started by that, it is that simple.
We are all busy and you can't expect anyone to even have a look on your
tool or link if you don't highlight how different it is from others or
why you did it.
As far as I am concerned, these features may be nice, but I don't need
them and will stick to Medusa for the brute force tests I run from time
to time (ie not often, a few times a year at most).
But, to make it clear, it is just my personal opinion, I am not saying
that your tool is not interesting or useless.
If you read the first post i did regarding NiX:
http://seclists.org/fulldisclosure/2010/Nov/115

It is listing the features. I can understand everyone is busy as i am as
well. If you take a look at similar windows tools, none of those have an
SSL support and pretty much them all are unreliable, that´s why i wanted
to come up with more powerful solution.

I am not saysing Hydras´s etc. are bad tools, I usually can make custom
features regardless of a tool made.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
phocean
2010-11-13 19:56:52 UTC
Permalink
Where is for example FORM auto-detection for those
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should have started by that, it is that simple.
We are all busy and you can't expect anyone to even have a look on your
tool or link if you don't highlight how different it is from others or
why you did it.

As far as I am concerned, these features may be nice, but I don't need
them and will stick to Medusa for the brute force tests I run from time
to time (ie not often, a few times a year at most).
But, to make it clear, it is just my personal opinion, I am not saying
that your tool is not interesting or useless.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hoste
n***@myproxylists.com
2010-11-13 21:50:10 UTC
Permalink
In all fairness I do use proxychains for all of my proxy randomization and
all that kind of stuff if I need it. That way it's consistent regardless
of what I throw at it, even tools without random proxy chaining like nmap
and hydra.
I am of course aware of proxychains as i use it myself. But lets get back
to one feature: Auto-removal of dead or unreliable proxy and when site
protection mechanism blocks the proxy

That is not possible using proxychains. A less your program depends on
other programs, the better. I am not saying, ten points to THC for coding
it in pure C.

I could not find any kind of FORM support from hydra, i have put a good
amount of time to FORM auto-detection logic as well (very good for less
advanced users).

Some people have asked what advantages NiX offers over other tools, this
question should have been answered now.
Good job coding it though, I can't imagine that was easy.
Ryan
Thanks, really difficult and time consuming project but i have verified it
to be stable (45k combolist and over 1000 proxies).

PS. If any of you downloaded yesterday 1.0.0 version, please download
immediately the latest 1.0.1 version is i forgot to fix something
important (told in CHANGELOG) before i packed the release version.

If you find a bug, just let me know and i try to fix it asap.
Post by n***@myproxylists.com
Where is for example FORM auto-detection for those
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should have started by that, it is that simple.
We are all busy and you can't expect anyone to even have a look on your
tool or link if you don't highlight how different it is from others or
why you did it.
As far as I am concerned, these features may be nice, but I don't need
them and will stick to Medusa for the brute force tests I run from time
to time (ie not often, a few times a year at most).
But, to make it clear, it is just my personal opinion, I am not saying
that your tool is not interesting or useless.
It does support only single proxy, any site that has even a bit protection
will defeat it. NiX does support HTTP/SOCKS4/SOCKS5 (as much as you have
working proxies) with randomization etc. This is significant advantage
over any other tool.
I have worked 1.5 months constantly on NiX, after i have had a little
break. I will implement support for other major protocols which is now
really easy after having otherwise working engine.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Robert Kim App and Facebook Marketing
2010-11-13 22:56:38 UTC
Permalink
Are there any exclusively NiX forums? I've run into similar issues and
google isnt finding much for me

ugh
Post by n***@myproxylists.com
Some people have asked what advantages NiX offers over other tools, this
question should have been answered now.
Good job coding it though, I can't imagine that was easy.
Ryan
Thanks, really difficult and time consuming project but i have verified it
to be stable (45k combolist and over 1000 proxies).
PS. If any of you downloaded yesterday 1.0.0 version, please download
immediately the latest 1.0.1 version is i forgot to fix something
important (told in CHANGELOG) before i packed the release version.
If you find a bug, just let me know and i try to fix it asap.
Post by n***@myproxylists.com
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should have started by that, it is that simple.
We are all busy and you can't expect anyone to even have a look on your
tool or link if you don't highlight how different it is from others or
why you did it.
As far as I am concerned, these features may be nice, but I don't need
them and will stick to Medusa for the brute force tests I run from time
to time (ie not often, a few times a year at most).
But, to make it clear, it is just my personal opinion, I am not saying
that your tool is not interesting or useless.
It does support only single proxy, any site that has even a bit protection
have
working proxies) with randomization etc. This is significant advantage
over any other tool.
I have worked 1.5 months constantly on NiX, after i have had a little
break. I will implement support for other major protocols which is now
really easy after having otherwise working engine.
--
Robert Q Kim
Clothing Manufacturer and Garment Production
http://dmresourcela.com

2611 S Coast Highway
San Diego, CA 92007
310 598 1606

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
n***@myproxylists.com
2010-11-14 12:52:06 UTC
Permalink
Post by Robert Kim App and Facebook Marketing
Are there any exclusively NiX forums? I've run into similar issues and
google isnt finding much for me
ugh
There are no NiX forums, if you are having issues, just ask me. What kind
of issues?
Post by Robert Kim App and Facebook Marketing
Post by n***@myproxylists.com
Some people have asked what advantages NiX offers over other tools, this
question should have been answered now.
Good job coding it though, I can't imagine that was easy.
Ryan
Thanks, really difficult and time consuming project but i have verified it
to be stable (45k combolist and over 1000 proxies).
PS. If any of you downloaded yesterday 1.0.0 version, please download
immediately the latest 1.0.1 version is i forgot to fix something
important (told in CHANGELOG) before i packed the release version.
If you find a bug, just let me know and i try to fix it asap.
Post by n***@myproxylists.com
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should have started by that, it is that simple.
We are all busy and you can't expect anyone to even have a look on your
tool or link if you don't highlight how different it is from others or
why you did it.
As far as I am concerned, these features may be nice, but I don't need
them and will stick to Medusa for the brute force tests I run from time
to time (ie not often, a few times a year at most).
But, to make it clear, it is just my personal opinion, I am not saying
that your tool is not interesting or useless.
It does support only single proxy, any site that has even a bit protection
have
working proxies) with randomization etc. This is significant advantage
over any other tool.
I have worked 1.5 months constantly on NiX, after i have had a little
break. I will implement support for other major protocols which is now
really easy after having otherwise working engine.
--
Robert Q Kim
Clothing Manufacturer and Garment Production
http://dmresourcela.com
http://youtu.be/SeBa9Wz-k0s
2611 S Coast Highway
San Diego, CA 92007
310 598 1606
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

r***@mtu.edu
2010-11-13 21:31:44 UTC
Permalink
In all fairness I do use proxychains for all of my proxy randomization and all that kind of stuff if I need it. That way it's consistent regardless of what I throw at it, even tools without random proxy chaining like nmap and hydra.

Good job coding it though, I can't imagine that was easy.
Ryan
Post by n***@myproxylists.com
Where is for example FORM auto-detection for those
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should have started by that, it is that simple.
We are all busy and you can't expect anyone to even have a look on your
tool or link if you don't highlight how different it is from others or
why you did it.
As far as I am concerned, these features may be nice, but I don't need
them and will stick to Medusa for the brute force tests I run from time
to time (ie not often, a few times a year at most).
But, to make it clear, it is just my personal opinion, I am not saying
that your tool is not interesting or useless.
It does support only single proxy, any site that has even a bit protection
will defeat it. NiX does support HTTP/SOCKS4/SOCKS5 (as much as you have
working proxies) with randomization etc. This is significant advantage
over any other tool.
I have worked 1.5 months constantly on NiX, after i have had a little
break. I will implement support for other major protocols which is now
really easy after having otherwise working engine.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
Loading...