Nmap Development mailing list archives
Re: Nmap Erros on URI using NSE
From: Shritam Bhowmick <shritam.bhowmick () gmail com>
Date: Fri, 15 Aug 2014 17:29:55 +0530
Okay, at last I modified the code. Nnposter is correct if gives you out the credentials, but there's something missing to the script, I ran the test over 20 times by now and I hit 5 successful attempts and rest 15 were false positives: look at the results here: Invalid with same code: http://s22.postimg.org/pq7q8x2y9/invalid.png Valid with same code: http://s7.postimg.org/6b864ls0b/vlid.png What's wrong? Regards Shritam Bhowmick Founder at OpenFire Technologies. Penetration Tester at+OpenFire Security. Web Application Analysis and Research. www.openfire-security.net http://forum.openfire-security.net The information contained herein (including any accompanying documents) is confidential and is intended solely for the addressee(s). It may contain proprietary, confidential, privileged information or other information subject to legal restrictions. If you are not the intended recipient of this message, please do not read, copy, use or disclose this message or its attachments. Please notify the sender immediately and delete all copies of this message and any attachments. This e-mail message including attachment(s), if any, is believed to be free of any virus. However, it is the responsibility of the recipient to ensure for absence of viruses. OpenFire Technologies shall not be held responsible nor does it accept any liability for any damage arising in any way from its use. On Fri, Aug 15, 2014 at 12:42 AM, Shritam Bhowmick < shritam.bhowmick () gmail com> wrote:
Hey I need the whole revised code. I just cannot figure updating the nmap scripts with nmap --script-dbupdate Damn me. Regards Shritam Bhowmick Founder at OpenFire Technologies. Penetration Tester at+OpenFire Security. Web Application Analysis and Research. www.openfire-security.net http://forum.openfire-security.net The information contained herein (including any accompanying documents) is confidential and is intended solely for the addressee(s). It may contain proprietary, confidential, privileged information or other information subject to legal restrictions. If you are not the intended recipient of this message, please do not read, copy, use or disclose this message or its attachments. Please notify the sender immediately and delete all copies of this message and any attachments. This e-mail message including attachment(s), if any, is believed to be free of any virus. However, it is the responsibility of the recipient to ensure for absence of viruses. OpenFire Technologies shall not be held responsible nor does it accept any liability for any damage arising in any way from its use. On Thu, Aug 14, 2014 at 11:36 PM, Robin Wood <robin@digi.ninja> wrote:Does the script check the files exist and can be read? On 14 Aug 2014 19:04, <nnposter () users sourceforge net> wrote:FWIW, the script is working as expected for me: http-form-brute.path=/lab/webapp/1 http-form-brute.method=get http-form-brute.passvar=password http-form-brute.uservar=email http-form-brute.onfailure=Failed! PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-form-brute: | Accounts | admin () PentesterAcademy com:zzzxy - Valid credentials | Statistics |_ Performed 481 guesses in 43 seconds, average tps: 11 Final times for host: srtt: 0 rttvar: 3750 to: 100000 Cheers, nnposter _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Nmap Erros on URI using NSE, (continued)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE nnposter (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Robin Wood (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Robin Wood (Aug 14)
- Re: Nmap Erros on URI using NSE nnposter (Aug 14)
- Re: Nmap Erros on URI using NSE Robin Wood (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 15)
- Re: Nmap Erros on URI using NSE nnposter (Aug 18)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 19)