ftp-brute script

[David Fifield <david () bamsoftware com>]

On Thu, Jan 22, 2009 at 12:20:04AM +0100, Vlatko Kosturjak wrote:
> David Fifield wrote:
> > On Fri, Nov 07, 2008 at 07:41:58PM +0100, Vlatko Kosturjak wrote:
> > > xampp-default-auth => ftp-auth
> > > (I just modified xampp-default-auth to be more generic, it's just
> > > default FTP user/check anyway, not some "real" vuln... ).
> > > Changed script is in attachment.
> > Thanks Vlatko. That's a good idea to give the script a more general
> > name. As it is the script still only checks for an XAMPP vulnerability
> > so I'll leave the name alone for now.
>
> In the meantime, I asked FX for approval to include FTP default
> passwords from his phenoelit dpl:
> http://www.phenoelit-us.org/dpl/
>
> So, I have made new version of the script which is in attachment.

I committed your code improvements. I used the name ftp-brute.nse rather
than ftp-auth.nse because this script acts much like our other brute
scripts.

I removed the nobody/e0e0e0e0 user name and password combination because
a web search shows nothing related to FTP passwords.

I do appreciate you taking the trouble to secure a password list. I left
it out of this version of the script; I'll send you another message
about that. What I would really like to have is some measurement of how
often each auth combination is found, so that only the most likely
credentials are tried. Otherwise the script can just get longer and
slower as new passwords are added to it, and once a password is on, it
can be hard to take it off again (like nobody/e0e0e0e0).

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org