Nmap Development mailing list archives
Re: Ncrack doesn't recognize 401 responses other than "Authorization Required"
From: David Fifield <david () bamsoftware com>
Date: Fri, 7 Aug 2009 18:44:51 -0600
On Sat, Aug 08, 2009 at 03:31:03AM +0300, ithilgore wrote:
ithilgore wrote:Another oddity is that after Ncrack had wrongly detected that the service didn't require authentication, it didn't just quit, but it continued to send HTTP_INIT probes (with no authentication) for all the authentication pairs.Indeed, this hasn't been yet implemented. While the module reports that it should end, the Ncrack core engine doesn't currently do anything to stop the service. Good thing you reminded me, so that I fix this soon.OK, I just finished adding this functionality. Now Ncrack will stop cracking a service if a module reports that. For example, running the http module against a directory that is not password protected will result in this: ./ncrack https://127.0.0.1 -d Starting Ncrack 0.01ALPHA ( http://ncrack.org ) at 2009-08-08 03:30 EEST https://127.0.0.1:443 will no longer be cracked because module reported that: File or directory requested doesn't seem to be password protected. (200 OK) https://127.0.0.1:443 Attempts: total 1 completed 1 supported 0 --- rate 375.94 Ncrack done: 1 service scanned in 3.00 seconds. Probes sent: 1 | timed-out: 0 | prematurely-closed: 0 Ncrack finished.
Great, it works for me just as you have described. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Ncrack doesn't recognize 401 responses other than "Authorization Required" David Fifield (Aug 07)
- Re: Ncrack doesn't recognize 401 responses other than "Authorization Required" ithilgore (Aug 07)
- Re: Ncrack doesn't recognize 401 responses other than "Authorization Required" ithilgore (Aug 07)
- Re: Ncrack doesn't recognize 401 responses other than "Authorization Required" David Fifield (Aug 07)
- Re: Ncrack doesn't recognize 401 responses other than "Authorization Required" ithilgore (Aug 07)
- Re: Ncrack doesn't recognize 401 responses other than "Authorization Required" ithilgore (Aug 07)