Was wondering if anyone could lead me in th right direction with this one?
When attempting to brute force an account using XHydra through SMB/TCP (smbnt), I am periodically receiving the following (error?):
[smb] Host: 192.168.2.100 Account: account-name-omitted Error: Invalid Account (Anonymous Mapping Created)
This will appear no the screen several times before Hydra continues on with it's brute force attempts. It will then reappear after several more attempts have been made.
I have searched around to see what this means exactly, but cannot seem to find anything. The only thing that comes to my mind is that it has possible made a null session. Whilst unlikely, if this is the case, why is it doing this?
I am testing Hydra against one of my own machines and hence am using a known username to attack the box. I am using a password list. Port 445 is open on the target machine. Target OS = XP SP3.
Any ideas would be appreciated.
Thought I might add something useful to the thread.
If anyone is experiencing similar (or unrelated) trouble with Hydra, a nice little alternative I found is medusa.
It appears to be more stable than Hydra, has been updated more recently, and has thread based parallel testing (that works great with smb/tcp attacks).
It supports basically every protocol that Hydra does + more. A comparison of the two can be found on the foofus medusa homepage.
I'd post a link but haven't contributed enough to these forums to do so yet. If you're interested in medusa, just Google "medusa foofus"