Nmap Development mailing list archives
Re: Fix and addon to http-auth.nse
From: David Fifield <david () bamsoftware com>
Date: Fri, 7 Nov 2008 10:33:07 -0700
On Fri, Nov 07, 2008 at 08:52:13AM +0100, Vlatko Kosturjak wrote:
David Fifield wrote:You can rewrite the authentication-testing loop in a more idiomatic style. Instead of for i = 1, #authcombinations, 1 do use for _, combination in ipairs(authcombinations) do Please add an @output section as described at http://nmap.org/book/nse-documentation.html#nse-documentation-script Since you must have a server to test this against now is a good opportunity to record this script's output.Done that. New diff of script is in attachment.
Thanks, it looks good and I have applied it. Let me apologize, the script already had an @output section. I don't know how I missed it. My instructions must have been confusing. Thanks, though, for including the output for successful authentication.
Can you give examples of applications that use test:test by default for authentication? I want to be sure there's evidence for it before adding it to the script.Not sure about the applications, but lot of tutorials on the web have this as example.
I would like to see measurements first before adding another user name/password pair. It would be good to know just how common test:test and admin:test are, compared to admin:and admin:admin. I left the test: combinations out for now. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Fix and addon to http-auth.nse Vlatko Kosturjak (Nov 06)
- Re: Fix and addon to http-auth.nse David Fifield (Nov 06)
- Re: Fix and addon to http-auth.nse Vlatko Kosturjak (Nov 06)
- Re: Fix and addon to http-auth.nse David Fifield (Nov 07)
- Re: Fix and addon to http-auth.nse Vlatko Kosturjak (Nov 06)
- Re: Fix and addon to http-auth.nse David Fifield (Nov 06)