Nmap Development mailing list archives
Re: Question about unpwdb filter_iterator
From: Phil <mainframed767 () gmail com>
Date: Wed, 22 Apr 2015 14:53:20 -0700
Hey Dan, I just downloaded and compiled the latest nmap and will confirm that your change fixed the issue: NSE: [node-brute 10.10.0.21:23] Checking: root NSE: [node-brute 10.10.0.21:23] Checking: admin NSE: [node-brute 10.10.0.21:23] Checking: administrator NSE: [node-brute 10.10.0.21:23] Checking: webadmin Usually the script would die at administrator, thanks for the fix!
On Apr 16, 2015, at 8:28 PM, Daniel Miller <bonsaiviking () gmail com> wrote: Phil, I checked, and we have no scripts that currently use unpwdb.filter_iterator(). I'd guess nobody thought through the implications of its current behavior. What it does is not really filter, but rather transforms each invalid entry to nil. This makes it really impossible to tell when the iterator is done, since a nil return is supposed to be a signal that the iterator is done. I've just pushed a change to fix this; in the meantime, you can use this function instead of unpwdb.filter_iterator(): function filter_iterator (iterator, filter) return function (command) if command == "reset" then iterator "reset" else local val = iterator(command) while val and not filter(val) do val = iterator(command) end return val end end end (I realize now that it's still over-complicated, since the reset case should return nil, but this is what I came up with at the moment, and it's still correct.) Dan On Thu, Apr 16, 2015 at 5:51 PM, Phil <mainframed767 () gmail com <mailto:mainframed767 () gmail com>> wrote: I’m writing a few scripts for mainframe activities and they have some really interesting rules for usernames/password. I’m working on a brute force script and for now want to limit usernames to only contain characters/numbers and be less than or equal to eight chars in length. Should be easy: local valid_name = function(x) local patt = "[%w]" return (string.len(x) <= 8 and string.match(x,patt)) end later in action = function( host, port ) I put this: local users = unpwdb.filter_iterator(brute.usernames_iterator(),valid_name) And in my usernames.lst file I have 7 users: root admin administrator webadmin sysadmin netadmin test Now, what I expected to happen is that it would iterate through root, admin, webadmin, sysadmin, netadmin and test. In reality, filter_iterator returns root and admin, then nil and my script ends after only testing those two users. Am I doing something wrong? Am I misunderstanding how filter_iterator works? For now I’m working around it by placing a check in the login function for brute but I don’t think thats the right way to do it. _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev <https://nmap.org/mailman/listinfo/dev> Archived at http://seclists.org/nmap-dev/ <http://seclists.org/nmap-dev/>
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Question about unpwdb filter_iterator Phil (Apr 16)
- Re: Question about unpwdb filter_iterator Daniel Miller (Apr 17)
- Message not available
- Re: Question about unpwdb filter_iterator Phil (Apr 22)