Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] http-form-brute

From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 12 Jun 2011 20:53:45 +0200
Hi all,

I've just committed an updated version of the http-form-brute (as r23914) that I've been working on lately.
It began with Pablo Ares reporting a problem running it against a router he had.
One change led to another and I ended up spending quite some time re-working the script.
I've done some testing myself and Pablo has helped out testing to.
The new version is more stable and introduces the following new functionality:
- autodetecting form fields is now a bit more robust
- only the password field is mandatory
- HTTP re-directs are followed in case they're detected
- the detection of incorrect login attempts has been changed and supports two new arguments (onsucces, onfailure)

The onsuccess and onfailure arguments may be useful when the script can't automatically determine whether a login was 
successful or not.

//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: