Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Brute force skip username as password check

From: Phil <mainframed767 () gmail com>
Date: Fri, 26 Aug 2016 12:37:41 -0700
Hi All,

Never mind on this email I figured it out after reading the brute.lua source code.

To disable this feature you can pass an engine option which will turn off ‘useraspass’ which is set to ‘true’ by 
default:

engine.options:setOption("useraspass", false )


On Aug 26, 2016, at 12:06 PM, Phil <mainframed767 () gmail com> wrote:

Is there a way when using brute.lua/unpwdb to skip the username as password check? I.e. If I have a password file 
with one password in it, The brute force script will still try to test the username as the password first before 
trying anything in the script arg passdb= is there a script arg to disable that check or a function in a script?

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: