Nmap Development mailing list archives

Re: backorifice-brute NSE script

From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 2 May 2011 21:40:13 -0500

On Mon, May 2, 2011 at 9:13 PM, David Fifield <david () bamsoftware com> wrote:



The found password is saved in nmap.registry.backorificepassword; what
happens if the script is run against two hosts at once?


This reminds me of an idea I had, but which I do not have plans of pursuing.
With all the brute-* scripts and the unpwdb, could NSE support something
like Metasploit's Creds table? Records consist of username, password, and
service, where service a foreign-key relationship with a record defined by
host, port, and protocol (more or less). This would make a common solution
to questions like this, and would offer the opportunity for closer
integration with Metasploit, perhaps through a postrule.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

backorifice-brute NSE script Gorjan Petrovski (May 02)
- Re: backorifice-brute NSE script Patrick Donnelly (May 02)
  - Re: backorifice-brute NSE script David Fifield (May 02)
    - Re: backorifice-brute NSE script Daniel Miller (May 02)
    - Re: backorifice-brute NSE script Patrik Karlsson (May 03)
    - Re: backorifice-brute NSE script Patrik Karlsson (May 09)
    - Re: backorifice-brute NSE script Gorjan Petrovski (May 04)
  - Re: backorifice-brute NSE script Gorjan Petrovski (May 04)
    - Re: backorifice-brute NSE script Patrick Donnelly (May 04)
    - Re: backorifice-brute NSE script Gorjan Petrovski (May 04)
    - Re: backorifice-brute NSE script Toni Ruottu (May 04)
    - Re: backorifice-brute NSE script Patrick Donnelly (May 04)
    - Re: backorifice-brute NSE script Gorjan Petrovski (May 05)
- Re: backorifice-brute NSE script Vlatko Kosturjak (May 04)

(Thread continues...)