Nmap Development mailing list archives

Re: Ncrack --resume option


From: David Fifield <david () bamsoftware com>
Date: Tue, 4 Aug 2009 21:06:12 -0600

On Wed, Aug 05, 2009 at 05:28:20AM +0300, ithilgore wrote:
> Michael Pattrick wrote:
> > Hey ithilgore,
> >
> > Sorry for not reading the source code prior to sending this message,
> > but why can’t you just store your current position in the
> > username/password list? Do you try them out randomly?
>
> That is not as easy as it sounds because:
>
> 1) Each target has its own set of pointers, so you need to store a pair of
> pointers for each of them.
>
> 2) Ncrack uses a pool of username/password pairs to handle the case where an
> authentication attempt is dropped before finishing, which means that that pair
> has to be tried out again to achieve 100% accuracy. That pool is a dynamic
> structure (actually an stl list) which needs to be saved as well for each of the
> targets.
>
> 3) There are other dynamic parameters too, that will probably need to be stored
> as well.

Those are good points. I agree that the authentication pool makes it
difficult. I guess it could simply be written out if it doesn't grow too
big. I also think you are right that some kind of serialization is
required. You can't just write out a space-separated list of auth pairs
because user names and passwords may contain whitespace.

The dynamic parameters are another difficulty. If they are things like
timing parameters, I would argue that you should reset them to default
values after resuming anyway, both to save space and because they may
not be current anymore when the session is resumed.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
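
The serialization point in the message above, as an added example that is not part of the original post and not Ncrack's code: a length-prefixed (netstring-style) encoding lets a retry pool held in an STL list round-trip even when user names or passwords contain whitespace or separator characters. The type names, function names and file format are hypothetical choices for illustration, and the credentials are constructed samples.

```cpp
#include <list>
#include <string>
#include <utility>
using AuthPair = std::pair<std::string, std::string>;  // (username, password)
using AuthPool = std::list<AuthPair>;                   // pairs waiting to be retried

// Field format (assumed): "<decimal length>:<raw bytes>," so any byte can appear in a credential.
static std::string encode_field(const std::string &s) {
    return std::to_string(s.size()) + ":" + s + ",";
}

// Reads one field starting at pos; returns false on malformed or truncated input.
static bool decode_field(const std::string &in, std::size_t &pos, std::string &out) {
    std::size_t len = 0, digits = 0;
    while (pos < in.size() && in[pos] >= '0' && in[pos] <= '9') {
        if (++digits > 9) return false;  // cap the length so it cannot overflow
        len = len * 10 + static_cast<std::size_t>(in[pos++] - '0');
    }
    if (digits == 0 || pos >= in.size() || in[pos++] != ':') return false;
    if (len >= in.size() - pos || in[pos + len] != ',') return false;  // len bytes, then ','
    out.assign(in, pos, len);
    pos += len + 1;
    return true;
}

std::string serialize_pool(const AuthPool &pool) {
    std::string out;  // one "<user field><password field>\n" record per pair
    for (const auto &p : pool) out += encode_field(p.first) + encode_field(p.second) + "\n";
    return out;
}

// Fills pool only if the whole input parses, so a damaged file is rejected, not half-loaded.
bool parse_pool(const std::string &in, AuthPool &pool) {
    AuthPool tmp;
    for (std::size_t pos = 0; pos < in.size(); ++pos) {  // ++pos steps over the '\n'
        AuthPair p;
        if (!decode_field(in, pos, p.first) || !decode_field(in, pos, p.second)) return false;
        if (pos >= in.size() || in[pos] != '\n') return false;
        tmp.push_back(p);
    }
    pool.swap(tmp);
    return true;
}

int main() {  // constructed sample: whitespace, separators, an empty password
    AuthPool in = {{"backup admin", "correct horse\tbattery"}, {"root", ""}, {"svc", "a,b:c\nd"}};
    AuthPool out;
    return parse_pool(serialize_pool(in), out) && out == in ? 0 : 1;
}
```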
