Nmap Development mailing list archives

New NSE script: http-default-accounts.nse - Default account access checker


From: Paulino Calderon <paulino () calderonpale com>
Date: Fri, 01 Jul 2011 16:47:36 -0700

Hi nmap-dev,

I'm attaching http-default-accounts.nse. The purpose of this script is to help us check for applications or devices left with default credentials. It works similarly to http-enum by matching known paths to detect applications, and it is less invasive than a brute-force attack.

description = [[
http-default-accounts tests for access with default credentials in a variety of web applications and devices.

It works similarly to http-enum: we detect applications by matching known paths and launch a login routine with default credentials when one is found. This script depends on a fingerprint file containing the target's information: name, category, location paths, default credentials and login routine.

You may select a category if you wish to reduce the number of requests. We have categories like:
* <code>web</code> - Web applications
* <code>router</code> - Routers
* <code>voip</code> - VOIP devices
* <code>security</code>

Please help improve this script by adding new entries to nselib/data/http-default-accounts.lua

Remember each fingerprint must have:
* <code>name</code> - Descriptive name
* <code>category</code> - Category
* <code>login_combos</code> - Table of login combinations
* <code>paths</code> - Paths table containing the possible location of the target
* <code>login_check</code> - Login function of the target

Default fingerprint file: /nselib/data/http-default-accounts-fingerprints.lua


-- @output
-- PORT   STATE SERVICE REASON
-- 80/tcp open  http    syn-ack
-- |_http-default-accounts: [Cacti] credentials found -> admin:admin Path:/cacti/
-- Final times for host: srtt: 94615 rttvar: 71012  to: 378663

These files were committed to /nmap as r24559 and 24558.

--
Paulino Calderón Pale
Web: http://calderonpale.com
Twitter: http://www.twitter.com/paulinocaIderon

Attachment: http-default-accounts.nse

Attachment: http-default-accounts-fingerprints.lua

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
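
The five required fingerprint fields and the category filter described in the message can be checked before a fingerprint file is used. The following is an added example, not code from the post or from Nmap: the `validate` and `select_fingerprints` helpers are hypothetical, and the inner layout of `paths` and `login_combos` and the `login_check` body in the sample data are assumptions.

```lua
-- Added example, not part of http-default-accounts.nse.
-- Required fields and their Lua types, taken from the list in the post.
local REQUIRED = {
  name = "string",
  category = "string",
  login_combos = "table",
  paths = "table",
  login_check = "function",
}

-- Return a sorted list of problems found in one fingerprint entry (empty if valid).
local function validate(fp)
  local problems = {}
  for field, want in pairs(REQUIRED) do
    local got = type(fp[field])
    if got ~= want then
      problems[#problems + 1] = ("%s: expected %s, got %s"):format(field, want, got)
    elseif want == "table" and next(fp[field]) == nil then
      problems[#problems + 1] = field .. ": table is empty"
    end
  end
  table.sort(problems)
  return problems
end

-- Keep only valid entries, optionally restricted to one category (nil = all).
local function select_fingerprints(fingerprints, category)
  local selected, rejected = {}, {}
  for i, fp in ipairs(fingerprints) do
    local problems = validate(fp)
    if #problems > 0 then
      rejected[#rejected + 1] = ("entry %d (%s): %s"):format(
        i, tostring(fp.name), table.concat(problems, "; "))
    elseif category == nil or fp.category == category then
      selected[#selected + 1] = fp
    end
  end
  return selected, rejected
end

-- Constructed sample data. The Cacti values come from the output in the post;
-- the inner table layout and the login_check body are assumptions.
local fingerprints = {
  { name = "Cacti", category = "web", paths = { "/cacti/" },
    login_combos = { { username = "admin", password = "admin" } },
    login_check = function() return false end },
  { name = "Example router", category = "router", paths = {},
    login_combos = { { username = "admin", password = "admin" } } },
}
local selected, rejected = select_fingerprints(fingerprints, "web")
print(#selected .. " fingerprint(s) selected")
for _, msg in ipairs(rejected) do print("rejected: " .. msg) end
```

The second sample entry is deliberately incomplete, so it is reported as rejected with both of its problems listed.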
