Nmap Development mailing list archives

Re: nmap http auth update


From: David Fifield <david () bamsoftware com>
Date: Mon, 8 Dec 2008 09:54:19 -0700

On Tue, Dec 02, 2008 at 11:53:53AM -0500, Vishal Nandwani wrote:
> Attached in this e-mail is an NSE script titled http-dict.nse.  It updates
> the http auth script to include md5 as well as a larger dictionary.  We hope
> the community finds this useful and that the script is considered for code
> integration into the next version of nmap.

Thank you for your contribution. It is most welcome. I tried out your
modified script and it worked for me. I'd like to see it included with
Nmap. There are a few changes I'd like you to make before it is
included.

Your updated script is based on a slightly old version of http-auth.nse
and it doesn't have some recent improvements from Vlatko Kosturjak. Can
you make your changes again based on r10954 from 2008-11-07?

Before adding any new user names and passwords to the script, I want to
see measurements showing that they occur frequently, or at least
documentation as to what devices use each authentication pair. It's easy
to add new user names and passwords, but each one incurs a cost in run
time and network traffic. Please leave the expanded dictionaries out of
your updated submission.

Where did the value for cnonce ("f5d6811482d3ab57d18f06dfe240f390") come
from? If it's meant to be random then you could use openssl.rand_bytes
or openssl.rand_pseudo_bytes.

Don't be discouraged. We often ask for changes to patches before they
are accepted. Thanks again for your improvements. I look forward to
merging the next version of your script.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
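
The cnonce question raised in the message above, as an added example that is not part of the original e-mail or of the submitted script: an RFC 2617 Digest response (algorithm MD5, qop=auth) computed with a cnonce drawn fresh from the OS random source for each request instead of a fixed string. It is written in Python so it runs stand-alone; the function names are hypothetical and the sample values are the ones from RFC 2617 section 3.5.

```python
import hashlib
import secrets


def md5_hex(text):
    """Lower-case hex MD5 of a string, as RFC 2617 uses for H()."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def new_cnonce(nbytes=16):
    """Fresh client nonce from the OS CSPRNG, hex-encoded (32 chars for 16 bytes)."""
    return secrets.token_hex(nbytes)


def digest_response(username, realm, password, method, uri, nonce, nc, cnonce):
    """request-digest for algorithm=MD5, qop=auth (RFC 2617 section 3.2.2.1)."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")   # A1 = user:realm:password
    ha2 = md5_hex(f"{method}:{uri}")                  # A2 = method:digest-uri
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


def authorization_header(username, realm, password, method, uri, nonce,
                         nc=1, cnonce=None):
    """Build the Authorization header; a new cnonce is generated unless one is given."""
    cnonce = cnonce or new_cnonce()
    nc_hex = f"{nc:08x}"                              # nonce count is 8 hex digits
    response = digest_response(username, realm, password, method, uri,
                               nonce, nc_hex, cnonce)
    return (f'Digest username="{username}", realm="{realm}", nonce="{nonce}", '
            f'uri="{uri}", qop=auth, nc={nc_hex}, cnonce="{cnonce}", '
            f'response="{response}"')


# Sample challenge and credentials from RFC 2617 section 3.5 (not from the script).
RFC_SAMPLE = dict(username="Mufasa", realm="testrealm@host.com",
                  password="Circle Of Life", method="GET",
                  uri="/dir/index.html",
                  nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093")

if __name__ == "__main__":
    # Two requests against the same challenge carry different cnonce values.
    print(authorization_header(**RFC_SAMPLE, nc=1))
    print(authorization_header(**RFC_SAMPLE, nc=2))
```

In an NSE script the random bytes would come from openssl.rand_bytes, as the message suggests, hex-encoded before being placed in the header.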

