ProSec GmbH

+49 261 45093090

  • About us
  • Services
    • Detection services
      • Classic penetration testing
      • Pentest as a service
      • Web application pentest
      • Vulnerability analysis
      • Red teaming
    • Solution services
      • IT security consulting
      • Data protection
        • GDPR
    • Education services
      • User awareness
      • Trainings
        • Junior penetration tester
        • Penetration tester web
        • Penetration tester network
  • Wiki
  • Jobs
  • Contact

Brute Force Attack

The term “brute force attack” hides a cryptographic attack which, by systematically trying out all possible combinations of a given set, will in all probability have to guess the correct value for a password, a username, a hash or a web path at some point like a lottery drawing.

A classic brute force attack can be a very time-consuming process on its own, depending on the method used and the computing power to be provided on the part of the attacker. If the victim uses a long, complex and unique value and mechanisms are in use that hinder continuous trial and error, it becomes almost impossible to achieve success in an acceptable time.

Brute-Force-Angriff

Intentions behind a brute force attack

Brute force attacks appear in the early phases of a hacker attack and can be classified in the first phase of information gathering according to the “kill chain” model (a model to describe the stages of cyber attacks).

The aim of a brute force attack is not only the possible access to further information, the identity or rights of the target, but the value obtained in the form of a password, pin, hash or user name. This means that they can be used on other systems and also sold to third parties.

In the event of a brute force attack on a web server, for example, the attacker also focuses on finding hidden sub-pages in order to exploit any security gaps that may exist there.

In addition, the behavior of a target during a brute force attack can allow the attacker to draw conclusions about other possible attack vectors, such as the possibility of a buffer overflow or remote code execution.

Because of this, brute force attacks take place not only during hacker attacks, but also during stress tests of hardware and software in order to check the robustness and correctness.

A customer service?

Would you like to know more about suitable protective measures or preventions?

Jetzt Anfragen

Suitable protective measures:

Always use passwords with the following conditions:

  • lowercase and uppercase letters
  • Special characters
  • Numbers

Remember that the more characters your password contains, the more difficult it is to crack.

Zuletzt aktualisiert am March 29, 2021

OUR LOCATIONS

  • Headquarters:
  • ProSec GmbH
  • Robert-Koch-Straße 1-9,
    D-56751 Polch, Germany

  • Berlin office:
  • ProSec GmbH
  • Friedrichstr. 123,
    D-10117 Berlin, Germany

 

  • Munich office:
  • ProSec GmbH
  • Franz-Joseph-Str. 11,
    D-80801 München, Germany

TOP-SERVICES

  • Penetration testing

  • Vulnerability analysis

  • Trainings

  • IT security consulting

  • Social engineering

All rights reserved. © 2022 ProSec GmbH | Imprint | Privacy policy | Sitemap