Nmap Development mailing list archives
[NSE scripts] new script -- ipmi-dump-hashes.nse
From: Števaňák Roman <stevanak2 () uniba sk>
Date: Sat, 13 Jul 2019 17:51:21 +0000
Hello,

I implemented a script from the "Script ideas" page, "Solid candidates" section. In the attachment is a patch file, as was required.

My script dumps user password hashes for supplied usernames from a BMC supporting IPMI 2.0, in a format that can be pasted directly into the password cracking tool hashcat. The implementation was tested on VirtualBMC (https://docs.openstack.org/tripleo-docs/latest/install/environments/virtualbmc.html), version 1.5.0.

It should allow for dumping hashes and then cracking them using an offline attack, unlike ipmi-brute, which sends a request for each password. That way it should be more discreet and faster.

Please let me know what you think of the script or what should be improved for it to be merged.

Kind regards,
Roman Števaňák
Attachment: nmap.patch