Nmap Development mailing list archives

Re: Password profiling in NSE


From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 11 Jan 2017 21:54:16 -0600

Jacek, List,

I think this is a good idea, and I'm sorry that it got passed up. I've
added an issue to the tracker to get this merged, and I'd appreciate if
someone steps up and commits it. My only comments are:

1. I think that the default behavior should be to add the words without
mangling, since NSE brute-forcing should lean towards intelligence and
speed as opposed to thoroughness or never-ending streams of candidate
passwords. Mangling can be an additional option.

2. Instead of a separate library, the storing and retrieval of these
password candidates should be done by unpwdb, so that even if a script
doesn't use brute.lua, it can still take advantage. This fits more with the
core purpose of unpwdb (wordlists and iterators) vs brute (timing and
reporting of creds). The mangling could be kept in a separate library,
perhaps.

3. The use of mangling could explode the size of the dictionary in memory.
I think it would be better to have an iterative mangling process similar to
how John the Ripper does it: first try all words as-is, then proceed
through mangling rules one at a time. This allows more-likely mangles to
happen first and means less memory is used. With this approach, mangling
wouldn't be limited to candidates discovered through profiling, but could
be applied to wordlist candidates as well.

I'd be excited just to see the profiling code added in to unpwdb. Mangling
can be done as a separate effort. That way we get something that works
up-front, and users can benefit right away.

Dan

On Tue, Dec 27, 2016 at 4:15 PM, Jacek Wielemborek <d33tah () gmail com> wrote:

On 15.04.2016 at 06:25, George Chatzisofroniou wrote:
Hi guys,

I'm attaching a patch that introduces password profiling to NSE.

Hi,

Is there anything wrong with the patch or was it just missed on the
mailing list?

Cheers,
d33tah



_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
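The iterative mangling order described in point 3 (every word as-is first, then one rule at a time over the whole list), sketched as an NSE-style closure iterator. This is an added illustration, not code from the patch or from unpwdb; the rule table, the "reset" command convention and the sample words are constructed for the example.

```lua
-- Each rule transforms one candidate word. "as-is" comes first so plain
-- profiled words are tried before any mangle (hypothetical rule set).
local rules = {
  { name = "as-is",       fn = function(w) return w end },
  { name = "capitalize",  fn = function(w) return w:sub(1, 1):upper() .. w:sub(2) end },
  { name = "append-year", fn = function(w) return w .. "2017" end },
  { name = "leet",        fn = function(w) return (w:gsub("a", "4"):gsub("e", "3"):gsub("o", "0")) end },
}

-- Returns an iterator that yields candidate, rule_name. Only two indices are
-- kept between calls, so memory does not grow with #words * #rules the way a
-- fully expanded dictionary would. Calling iter("reset") restarts it
-- (assumed convention, modelled on how NSE scripts restart wordlist iterators).
local function mangling_iterator(words, rule_set)
  local rule_i, word_i = 1, 0
  local function next_candidate()
    while rule_i <= #rule_set do
      word_i = word_i + 1
      if word_i > #words then
        -- finished this rule for every word; move on to the next rule
        rule_i, word_i = rule_i + 1, 0
      else
        local rule = rule_set[rule_i]
        local cand = rule.fn(words[word_i])
        -- skip no-op mangles (e.g. capitalizing "Insecure") without a
        -- global seen-set, so the as-is pass is not repeated verbatim
        if rule_i == 1 or cand ~= words[word_i] then
          return cand, rule.name
        end
      end
    end
    return nil
  end
  return function(cmd)
    if cmd == "reset" then rule_i, word_i = 1, 0 end
    return next_candidate()
  end
end

-- Constructed sample: words as profiling might harvest them from a target page.
local profiled = { "nmap", "Insecure", "scanme" }
local iter = mangling_iterator(profiled, rules)
local cand, rule = iter()
while cand do
  print(string.format("%-12s %s", rule, cand))
  cand, rule = iter()
end
```

The three plain words are emitted first, then "Nmap"/"Scanme", then the year-suffixed forms, and only last the leet variants such as "Ins3cur3"; a script can stop after any pass without having built the later ones.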
