BruteForce attacks are much better than dictionary attacks totally because of many reasons such as wordlist doesnt include all of words, it takes much more time to crack the password and so on.

However you can find good wordlists here:
http://www.skullsecurity.org/wiki/index.php/Passwords/

But u perform dictionary or bruteforce attack use the ncrack tool first. Its a very fast pass cracker open terminal in backtrack and type this command:

Ncrack -v --user <username><target address>:<service port>

Example:
Ncrack -v --user admin 127.0.0.1:21

Goodluck and let me know if u have any problem.

CyberSpirit

ncrack is actually no longer under development (http://seclists.org/nmap-dev/2012/q3/605). Hydra and medusa are still supported, so we'll continue to see bugfixes and enhancements.

Here are some comparisons on their performance:
http://www.thc.org/thc-hydra/network_password_cracker_comparison.html
http://www.foofus.net/~jmk/medusa/medusa-compare.html

Hmm you don't need to ask those questions, simple say no period, don't make big deal out of nothing .



author=m0wgli link=topic=9334.msg52552#msg52552 date=1349425123]

No offense, but remember you're on the ethicalhacker.net forums, the keyword here being "ethical".

If you want it, is $4.99 really too much to pay?
[/quote]