Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: pop3-brute.nse (I think)

From: Ron <ron () skullsecurity net>
Date: Thu, 8 Apr 2010 16:19:02 -0500
Good find. If possible, we should try using authentication it supports (cram-md5? or is that just smtp?) on non-secure 
connections. 

On Thu, 08 Apr 2010 16:14:24 -0500 Daniel Miller
<bonsaiviking () gmail com> wrote:

Not really a problem, but an optimization, I think. While trying out 
--script '*', I noticed that my test target was responding that the 
method of authentication being used on port 995 was unacceptable.
This is on Ubuntu 9.10, running Dovecot. Here's the conversation
according to Wireshark:

S: +OK Dovecot ready.
C: USER root
S: -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) 
connections.

This goes on and on. Might be best to just give up if getting this 
error, but I don't know how general that solution would be.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86

Attachment: _bin
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: