Ncrack HTTP Auth Success Detection

[Joe Savage <joe () reinterpretcast com>]

Hey,

I've been using ncrack's HTTP module to bruteforce some HTTP Basic
Authentication with a simple password dictionary, so I'm using a command
such as the following:

`ncrack --user username -P wordlist.txt http://domain.tld:port,path=/path/`

The issue I'm having is that ncrack doesn't seem to be able to detect
differences between password successes and failures - listing all the
attempted user/pass combinations after the attack - as the server returns
messages in both cases (one indicating failure, and the other being the
password protected page). I know the message returned in cases of failure,
but is there any way I can make ncrack aware of this so it can only output
any password successes to me?

I feel like I must be missing some obvious piece of functionality or
something here, as the way I'm using the tool at current means I can
get literally no use out of the HTTP module.

Any help or advice would be appreciated. Thanks.
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/