Nmap Development mailing list archives
Re: ncrack bug: Cisco banner makes ncrack revision 16899 dump cire
From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Mon, 01 Mar 2010 12:10:10 +0200
On 03/01/10 03:38, eric gisse wrote:
If one uses the current revision of ncrack to attempt to pentest a Cisco router with a ssh banner as follows: ----------------------------------------------------------------------- || || || || |||| |||| ..:||||||:..:||||||:.. c i s c o S y s t e m s *****AUTHORIZED USERS ONLY***** If not authorized to access this system, disconnect now. YOU SHOULD HAVE NO EXPECTATION OF PRIVACY. By continuing, you consent to your keystrokes and data content being monitored. ----------------------------------------------------------------------- Password: ...ncrack will fail in this fashion, with the following command line arguments: # ncrack -U users -P passes -iX scan.xml -p ssh -v -v -v -v -d10 --connection-limit 1 Starting Ncrack 0.01ALPHA ( http://ncrack.org ) at 2010-03-01 01:18 UTC ssh://xxx.xxx.xxx.xxx:22 Initiating new Connection ncrack: nsock_core.c:474: handle_write_result: Assertion `bytesleft > 0' failed. Aborted (core dumped) This seems to be a persistent problem. I don't know how to fix this myself, so I'll just make a bug report. I'll gladly fill in more details if requested.
Does that Cisco SSH server use SSH version 1? -- ithilgore _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- ncrack bug: Cisco banner makes ncrack revision 16899 dump cire eric gisse (Feb 28)
- Re: ncrack bug: Cisco banner makes ncrack revision 16899 dump cire ithilgore (Mar 01)