Re: using the credentials database

[Toni Ruottu <toni.ruottu () iki fi>]

What I'd like to see next, is support for feeding credentials into the
database from command line. I am sure this could be made into a really
hard design task, but maybe we do not need to support very complex use
cases. We could just support global credentials that would match all
services. How about --script-args creds.global=joe:secret,admin:123456

On Tue, Jun 28, 2011 at 12:04 AM, Patrik Karlsson <patrik () cqure net> wrote:
> On Jun 27, 2011, at 4:25 PM, Toni Ruottu wrote:
>
> > Do we have examples for using the credentials stored in the database?
> > Do I need to use the credentials explicitly when I am developing http
> > info scripts, or does the http library just log in for me if
> > authorization is required?
> >
> >  --Toni
> > _______________________________________________
> > Sent through the nmap-dev mailing list
> > http://cgi.insecure.org/mailman/listinfo/nmap-dev
> > Archived at http://seclists.org/nmap-dev/
>
>
> Hi Toni,
>
> I've added some documentation and a new function called getCredentials that will hopefully get you what you need.
> Let me know if there's anything else you find missing :)
>
> In regards to the http library, you need to se the credentials explicitly. Check out the http-brute script for an 
> example.
>
> //Patrik
> --
> Patrik Karlsson
> http://www.cqure.net
> http://www.twitter.com/nevdull77
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/