Nmap Development mailing list archives
ftp-brute.nse overhaul
From: Ron <ron () skullsecurity net>
Date: Fri, 18 Sep 2009 14:54:34 -0500
Hi all,I was investigating a way to improve the ftp scripts today, when I noticed that ftp-brute.nse was only checking one account. So, as I love doing, I took it apart and put it back together. Now it uses the unpwdb database.
I ran into an issue that I was hoping somebody could test on other servers and give opinions on: vsftp responds *very* slowly (about 1 second/request), so to run through all 2000 combinations of usernames/passwords would take hours. For that reason, for now, I artificially limited the checks to the first 10 usernames + passwords (with a script-arg to increase that).
So, I'm wondering:* Is this the case on servers besides vsftp as well? If other servers are faster, I'll add some code to detect the behaviour and change the limits * Is this an acceptable solution? Or does somebody have a better way of doing it? * Should this type of function be built right into unpwdb, or done on a per-script basis? I'd like to revamp unpwdb at some point * Would this be a case to experiment with multi-threaded scripts? Does that capability exist yet? (I haven't looked into Lua threading)
I checked in my changes for now, since they are a significant improvement over what was there, but this can still use some work
Ron _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- ftp-brute.nse overhaul Ron (Sep 18)
- Re: ftp-brute.nse overhaul Fyodor (Sep 18)
- Re: ftp-brute.nse overhaul Patrick Donnelly (Sep 18)
- Re: ftp-brute.nse overhaul Ron (Sep 18)
- Re: ftp-brute.nse overhaul Fyodor (Sep 18)
- Re: ftp-brute.nse overhaul Ron (Sep 18)
- Re: ftp-brute.nse overhaul Patrick Donnelly (Sep 18)
- Re: ftp-brute.nse overhaul Fyodor (Sep 18)
- Re: ftp-brute.nse overhaul Ron (Sep 18)