Quick update on your favourite brute forcer… The file input “MS EOF char” issue has been resolved, and provision has been made for blank passwords too. The above mentioned error meant that Crowbar incorrectly used EOF characters on *nix based files.
Regarding the blank passwords, simply include the word “[blank]” (without the “”) in your brute force file and crowbar will test for blank usernames/passwords as well.
For those of you that don’t know, Crowbar is a generic brute force tool used for web applications. It’s free, it’s light-weight, it’s fast, it’s kewl :>