Nmap Development mailing list archives

[NSE scripts] new script -- ipmi-dump-hashes.nse


From: Števaňák Roman <stevanak2 () uniba sk>
Date: Sat, 13 Jul 2019 17:51:21 +0000

Hello,

I implemented a script from the "Script ideas" page, "Solid candidates" section. In the attachment is a patch file, as was
required.

My script dumps user password hashes for supplied usernames from a BMC supporting IPMI 2.0, in a format that can be
pasted directly into the password cracking tool hashcat. The implementation was tested on VirtualBMC
(https://docs.openstack.org/tripleo-docs/latest/install/environments/virtualbmc.html) in version 1.5.0. It should
allow for dumping hashes and then cracking them using an offline attack, unlike with ipmi-brute, which sends a request for
each password. That way it should be more discreet and faster.

Please let me know what you think of the script or what should be improved for it to be merged.

Kind regards,
Roman Števaňák

Attachment: nmap.patch
Description: nmap.patch

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/