Nmap Development mailing list archives

Re: [NSE] new scripts and libraries: brute library


From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 20 Aug 2010 19:59:00 +0200


On 20 aug 2010, at 18.56, David Fifield wrote:

On Fri, Aug 20, 2010 at 12:11:53AM +0200, Patrik Karlsson wrote:

On 18 aug 2010, at 18.05, David Fifield wrote:
So if a socket error occurs we need to report an error back to the engine.
If the retry attribute is set using the setRetry on the error object
the engine will retry the credential.
When max_retries (default 3, can be modified with argument) is
reached, the engine aborts.

How does the login method distinguish the two failure modes: (1) access
denied, and (2) socket error? I want (2) to be retried, but not (1).

This is really up to the driver, it needs to be able to determine (at
a protocol level) whether the login was denied or if there was a
socket error.
The login method in the Driver then needs to adjust the Error object
appropriately before returning it to the Engine.

This is where I'm confused. How do I adjust the Error object to reflect
both of the two states? Can you provide code examples?

This is from vnc-brute:

                if ( not(status) and data:match("Too many authentication failures") ) then
                        local err = brute.Error:new( data )
                        err:setAbort( true ) -- Aborts the scan
                        return false, err                       
                elseif ( not(status) ) then
                        local err = brute.Error:new( "VNC handshake failed" )
                        -- This might be temporary, set the retry flag
                        err:setRetry( true ) -- Signals the engine to retry
                        return false, err
                end

                .
                .
                .

                -- Return a simple error, no retry needed
                return false, brute.Error:new( "Incorrect password" ) 


... and to save you an e-mail, I've added it to the top of the brute library and committed it as r19911 :)

David Fifield


//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77





_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
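
The three error classes discussed in this thread (plain denial, retry, abort), shown as an added example that is not part of the original message and not code from the brute library. Error, make_driver and run_engine are hypothetical stand-ins; only the setRetry/setAbort names and the max_retries default of 3 come from the thread, and the outcome sequence is constructed.

```lua
-- Added example: simplified model of how an engine could act on a driver's errors.
-- Error, make_driver and run_engine are hypothetical stand-ins, not brute.lua code.
local Error = {}
Error.__index = Error
function Error:new(msg) return setmetatable({ msg = msg }, self) end
function Error:setRetry(r) self.retry = r end
function Error:setAbort(a) self.abort = a end

-- Driver stub: replays constructed outcomes, no network I/O.
local function make_driver(outcomes)
  local i = 0
  return { login = function(_, user, pass)
    i = i + 1
    local err
    if outcomes[i] == "socket" then
      err = Error:new("VNC handshake failed"); err:setRetry(true)
    elseif outcomes[i] == "lockout" then
      err = Error:new("Too many authentication failures"); err:setAbort(true)
    else
      err = Error:new("Incorrect password")
    end
    return false, err
  end }
end

-- Assumption: retries are counted per credential; max_retries reached aborts the run.
local function run_engine(driver, passwords, max_retries)
  local log = {}
  for _, pass in ipairs(passwords) do
    local tries = 0
    while true do
      local _, err = driver:login("user", pass)
      if err.abort then
        log[#log + 1] = pass .. ": abort (" .. err.msg .. ")"; return log
      elseif err.retry then
        tries = tries + 1
        if tries >= max_retries then
          log[#log + 1] = pass .. ": abort (max_retries reached)"; return log
        end
        log[#log + 1] = pass .. ": retry " .. tries
      else
        log[#log + 1] = pass .. ": denied, next credential"; break
      end
    end
  end
  return log
end
-- Constructed outcome sequence: denied, one transient socket error, denied, lockout.
local log = run_engine(make_driver({ "denied", "socket", "denied", "lockout" }), { "a", "b", "c" }, 3)
print(table.concat(log, "\n"))
```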

