This type of attack uses a repetitive method of trial and error in order to guess a person's user name, password, credit card number, or cryptographic key.
An attacker might try the following attack methods to find out valid authentication credentials for a web application:
| Attack type | Attack description |
|---|---|
| Dictionary attacks | Automated tools that try to guess user names
and passwords from a dictionary file. A dictionary file might contain words gathered by the attacker to understand the user of the account about to be attacked, or to build a list of all the unique words available on the web site. |
| Search attacks | Covers all possible combinations of a character
set and ranges of password length. This attack might take some time because of the large amount of possible combinations. |
| Rule-based search attacks | Uses rules to generate possible password variations from part of a user name or from modifying pre-configured mask words in the input. |
| Signature name | Description | More information |
|---|---|---|
| HTTP_Forced_Browsing_Probe | Detects repeated attempts to access non-existent
resources on a web server. This could indicate an attack attempt related to the general problem of Forced Browsing, where an attacker uses brute force methods to search for unlinked contents in the domain directory, such as temporary directories and files, and old backup and configuration files. These files and directories could contain sensitive information about web applications and operational systems, such as source code, authentication credentials, internal network addressing, or any other type of valuable information that could allow an attack of the system. |
IBM® X-Force®: Web application forced browsing probe detected |
| HTTP_Hydra_BruteForce | Detects Nessus Hydra plug-in using brute force techniques. | IBM X-Force: Nessus Hydra plugin brute force detected |