Nmap Development mailing list archives
Re: Ncrack 0.01ALPHA released
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Tue, 11 Aug 2009 03:03:18 +0300
Here is a story about me taking my first steps with ncrack: I try running ncrack with simply ./ncrack to get the help message. "Usage: ncrack [Options] {target specification}" makes me think I only need to define target specification, and everything else is optional. However part labeled "TARGET SPECIFICATION" doesn't discus services. So when I try running it against a local machine with ./ncrack 192.168.1.13 I get an error for not defining a service. After reading service specification section I manage to define the service, and ncrack starts happily cracking the box. Then I decide I want to define a user name so ncrack does not need to brute force both user name and password. I realize that my user names are not too cryptic, and someone personally attacking me will probably be able to guess them. I run "./ncrack" again to see how I could define a user. All I find is option -U for reading user names from a file. I do "echo mylogin > users" and run "./ncrack -U users ssh://192.168.1.13". Now ncrack tells me I'm being inconsistent and that I should set NCRACKDIR to . in order to be consistent. I think there might be a collision and rename the file to users2. This doesn't help, so I run "NCRACKDIR=. ./ncrack -U users2 ssh://192.168.1.13", but the message does not go away. Then I notice the option for setting data dir. So I try running "./ncrack --datadir . -U users2 ssh://192.168.1.13". This doesn't work either, so I give up and stop trying. This is roughly how my user experience went. I hope this helps improving the tool. --Toni On Mon, Aug 10, 2009 at 11:15 PM, ithilgore<ithilgore.ryu.l () gmail com> wrote:
Hello nmap-dev! I am pleased to announce that the first ALPHA release of Ncrack has been published! This is meant for testing and bugfixing only, so there will be no public announcements outside of nmap-dev for now. Ncrack is a high-speed network authentication cracking tool and was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. Ncrack's features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more. Ncrack works on Linux, *BSD, Windows and Mac OS X and there are already Windows and Mac OS X installers out, as well as a unified source code tarball that compiles on all systems mentioned. You can find everything you need at: http://nmap.org/ncrack Also, make certain you read the man-page at: http://nmap.org/ncrack/man.html Of course, you can always download the latest svn source code like this: svn co --username guest --password "" \ svn://svn.insecure.org/nmap-exp/ithilgore/ncrack This is also a call for testers to give Ncrack a try, report any problems found, comment on more features they might want and have a great time playing with it! Cheers, ithilgore _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Ncrack 0.01ALPHA released ithilgore (Aug 10)
- Re: Ncrack 0.01ALPHA released Toni Ruottu (Aug 10)
- Re: Ncrack 0.01ALPHA released ithilgore (Aug 10)
- Re: Ncrack 0.01ALPHA released ithilgore (Aug 10)
- Re: Ncrack 0.01ALPHA released ithilgore (Aug 10)
- Re: Ncrack 0.01ALPHA released Toni Ruottu (Aug 10)
- Re: Ncrack 0.01ALPHA released ithilgore (Aug 10)
- Re: Ncrack 0.01ALPHA released ithilgore (Aug 10)
- Re: Ncrack 0.01ALPHA released Toni Ruottu (Aug 10)
- Re: Ncrack 0.01ALPHA released ithilgore (Aug 10)
- Re: Ncrack 0.01ALPHA released Toni Ruottu (Aug 10)