Nmap Development mailing list archives
Re: Brute force skip username as password check
From: Phil <mainframed767 () gmail com>
Date: Fri, 26 Aug 2016 12:37:41 -0700
Hi All, Never mind on this email I figured it out after reading the brute.lua source code. To disable this feature you can pass an engine option which will turn off ‘useraspass’ which is set to ‘true’ by default: engine.options:setOption("useraspass", false )
On Aug 26, 2016, at 12:06 PM, Phil <mainframed767 () gmail com> wrote: Is there a way when using brute.lua/unpwdb to skip the username as password check? I.e. If I have a password file with one password in it, The brute force script will still try to test the username as the password first before trying anything in the script arg passdb= is there a script arg to disable that check or a function in a script?
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Brute force skip username as password check Phil (Aug 26)
- Re: Brute force skip username as password check Phil (Aug 26)