Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: pcanywhere-brute request for comments

From: Henri Doreau <henri.doreau () gmail com>
Date: Sat, 16 Jun 2012 09:17:03 +0200
2012/6/16 Aleksandar Nikolic <nikolic.alek () gmail com>:

[...]
And third, but most annoying, after it guesses a valid username/password
pair , the server is locked for quite some time, so the script retries
the connection
until the server is available again and it can continue.
Now, to resolve this last issue, there are two options:
1) The script quits after it finds one valid login
or
2) The script loops in a sort of busy wait until the server becomes
available again.

In it's current state, the script implements the second option.

Any thoughts on this ?

Hello,

selecting one of the two possible behaviors you describe should be
done with the brute.firstonly parameter.

Also, what do you mean by "quite some time"? If you detect this
behavior (pcAnywhere implementation) and if this value is always the
same between versions, then your code could just sleep() for this
duration? Or is there a need for an active sleep(<short time>) and
retry cycle?

Regards.

-- 
Henri
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: