Re: Ncrack suggestion.

[Richard Miles <richard.k.miles () googlemail com>]

Hi!

As a follow up, I tested Ncrack in a VM with BackTrack and all tools work
fine, including nmap. However, when using Ncrack in a few minutes the
program gets killed. Even medusa works fine.

Starting Ncrack 0.01ALPHA ( http://ncrack.org ) at 2010-03-26 11:34 CDT
Rate: 67.88; Found: 0; About 1.02% done; ETC: 03:35 (5:04:18 remaining)
Stats: 0:03:25 elapsed; 0 services completed (40 total)
Rate: 59.68; Found: 0; About 1.12% done; ETC: 03:32 (5:01:07 remaining)
Stats: 0:06:37 elapsed; 0 services completed (40 total)
Rate: 78.49; Found: 0; About 2.24% done; ETC: 03:23 (4:48:52 remaining)
Killed

I'm using wordlists provided with Ncrack
(/usr/local/share/ncrack/minimal.usr and
/usr/local/share/ncrack/default.pwd) and loading an list of targets for SSH
via -iL where I have something like 40 hosts.

Is this a well know bug?

Thanks.

On Thu, Mar 25, 2010 at 12:49 PM, Richard Miles <
richard.k.miles () googlemail com> wrote:

> > > That's something that could be easily implemented. We can note that down
> > for
> > > our TODO list.
> Very good, it will be very helpful.
>
>
> > > Ncrack already supports attacking multiple targets at the same time,
> > without
> > > needing any particular command-line option. Just specify the hosts and
> > services/ports
> > > you want, the way you do it with Nmap.
> Ok, but I'm brute forcing only SSHv2. How should I for example tell to
> Ncrack test 3, 4 of 5 SSH servers in parallel ? I'm reading the SSH servers
> from a list with -iL.
>
>
> > > And using Ncrack with -v it works, however if we use -vv or -vvv (more
> > > verbose) it doesn't brute force, it shows the help again. Maybe a bug?
> >
> > Yes, that is most likely a bug. I'll look into it.
>
> Thanks.
>
>
> > > You can do that interactively by pressing 'v' while Ncrack runs and it
> > will display
> > > more output (or press 'V' to decrease it). It is more or less similar to
> > the way Nmap
> > > works as far as interactive output is concerned. 'd' and 'D' also apply
> > for more/less
> > > debugging output.
>
> Nice workaround. I will try it.
>
> > > Indeed, implementing the OpenSSH library for Ncrack [1] has many
> > advantages, but
> > > as I said above, attacking several targets at once is an inherent
> > capability of
> > > Ncrack. You can even attack different services (e.g a SSH service of one
> > host, and a FTP
> > > service of another host) at the same time. See the man page for some
> > examples.
>
> I saw that on documentation.
>
> Thanks for help.
>
>
> > > That's all.
> > >
> > > Very nice tool.
> > >
> > > Thank you.
> >
> > Cheers,
> > ithilgore
> >
> >
> >
> > [1]. http://sock-raw.org/papers/openssh_library
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/