Nmap Development mailing list archives
Re: [ncrack] Exclude accounts
From: ithilgore - <ithilgore.ryu.l () gmail com>
Date: Thu, 21 Apr 2011 22:33:29 +0300
On Thu, Apr 21, 2011 at 9:10 PM, ambarisha b <b.ambarisha () gmail com> wrote:
Hi, With ncrack, is there a way to avoid trying out all the passwords on "anonymous" account for anonymous ftp? Perhaps, an option to exclude some accounts? Ambarisha
Hello Ambarisha. As of now there is no automatic way of excluding specific usernames or passwords, other than removing them explicitly from the equivalent list files. However, the task of handling specifically 'anonymous' accounts is already in the TODO list: * Handle username validation for services. For example, if an FTP server is anon only or if we enumerate SMB users, or some service gives a user does not exist error, we should probably not waste time trying to crack such users against those services. We need to figure out how this works when multiple services/hosts are being cracked at the same time. Regards, ithilgore _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [ncrack] Exclude accounts ambarisha b (Apr 21)
- Re: [ncrack] Exclude accounts ithilgore - (Apr 21)
- Re: [ncrack] Exclude accounts ambarisha b (Apr 21)
- Re: [ncrack] Exclude accounts ithilgore - (Apr 23)
- Re: [ncrack] Exclude accounts ambarisha b (Apr 21)
- Re: [ncrack] Exclude accounts ithilgore - (Apr 21)