bug in irc-brute

[Sabian Syionide <kryptrulzalot () hotmail com>]

Hi there, I can't seem to get this script to work under any circumstance. as an example my server uses unrealircd 
v:3.2.9

To make this as simple as possible I'm attempting to crack a test account using ONLY the exact right user/pass in the 
file. Therefore it can't possible get wrong on anything other than first guess.

So.. the problem? ::

nmap -d --script irc-brute.nse -p 6667 xxx.xxx.xxx.xxx

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2012-01-18 01:16 AKST
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating Ping Scan at 01:16
Scanning irc.hostename.org (xxx.xxx.xxx.xxx) [4 ports]
Packet capture filter (device wlan0): dst host 192.168.xxx.xxx and (icmp or icmp6 or ((tcp or udp or sctp) and (src 
host xxx.xxx.xxx.xxx)))
We got a ping packet back from xxx.xxx.xxx.xxx: id = 37077 seq = 0 checksum = 28458
Completed Ping Scan at 01:16, 0.20s elapsed (1 total hosts)
Overall sending rates: 19.99 packets / s, 759.50 bytes / s.
mass_rdns: Using DNS server 192.168.227.1
Initiating Parallel DNS resolution of 1 host. at 01:16
mass_rdns: 0.17s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 01:16, 0.17s elapsed
DNS resolution of 1 IPs took 0.17s. Mode: Async [#: 1, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating SYN Stealth Scan at 01:16
Scanning irc.domain.org (xxx.xxx.xxx.xxx) [1 port]
Packet capture filter (device wlan0): dst host 192.168.x.x and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 
xxx.xxx.xxx.xxx)))
Discovered open port 6667/tcp on xxx.xxx.xxx.xxx
Completed SYN Stealth Scan at 01:16, 0.20s elapsed (1 total ports)
Overall sending rates: 5.00 packets / s, 220.14 bytes / s.
NSE: Script scanning xxx.xxx.xxx.xxx
NSE: Starting runlevel 1 (of 1) scan.
NSE: Starting irc-brute against xxx.xxx.xxx.xxx:6667.
Initiating NSE at 01:16
NSE: irc-brute against xxx.xxx.xxx.xxx:6667 threw an error!
/usr/local/share/nmap/scripts/irc-brute.nse:115: bad argument #1 to 'format' (number expected, got nil)
stack traceback:
        [C]: in function 'format'
        /usr/local/share/nmap/scripts/irc-brute.nse:115: in function 'needsPassword'
        /usr/local/share/nmap/scripts/irc-brute.nse:121: in function </usr/local/share/nmap/scripts/irc-brute.nse:119>
        (tail call): ?

Completed NSE at 01:17, 15.41s elapsed

/snip/


And with other daemons I simply get: 

/snip/

6667/tcp open  irc     syn-ack
| irc-brute: 
|_  ERROR: Failed to check password requirements, unknown code (1)
Final times for host: srtt: 192256 rttvar: 144491  to: 770220

/snip/

I can't code lua. I can understand most of it but.. not really sure what's going on here. I keep an eye on my inbox 
incase anybody responds to this,

sincerely, myself.











                                          
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/