Nmap Development mailing list archives

Re: ncrack bug: Cisco banner makes ncrack revision 16899 dump core


From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Mon, 01 Mar 2010 12:10:10 +0200

On 03/01/10 03:38, eric gisse wrote:
> If one uses the current revision of ncrack to attempt to pentest a
> Cisco router with a ssh banner as follows:
>
> -----------------------------------------------------------------------
>                                ||        ||
>                                ||        ||
>                               ||||      ||||
>                           ..:||||||:..:||||||:..
>                          c i s c o S y s t e m s
>                      *****AUTHORIZED USERS ONLY*****
>
>           If not authorized to access this system, disconnect now.
>
>                YOU SHOULD HAVE NO EXPECTATION OF PRIVACY.
>           By continuing, you consent to your keystrokes and
>                     data content being monitored.
>
> -----------------------------------------------------------------------
> Password:
>
> ...ncrack will fail in this fashion, with the following command line arguments:
>
> # ncrack -U users -P passes -iX scan.xml -p ssh -v -v -v -v -d10 --connection-limit 1
>
> Starting Ncrack 0.01ALPHA ( http://ncrack.org ) at 2010-03-01 01:18 UTC
>
> ssh://xxx.xxx.xxx.xxx:22 Initiating new Connection
> ncrack: nsock_core.c:474: handle_write_result: Assertion `bytesleft > 0' failed.
> Aborted (core dumped)
>
> This seems to be a persistent problem. I don't know how to fix this
> myself, so I'll just make a bug report. I'll gladly fill in more
> details if requested.

Does that Cisco SSH server use SSH version 1?

-- ithilgore



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

