Nmap Development mailing list archives

Re: Jiayi's Status Report - #3 of 17


From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 18 May 2015 21:12:25 -0500

On Mon, May 18, 2015 at 9:00 PM, Jiayi Ye <yejiayily () gmail com> wrote:


* Discussed the script ideas with Paulino and decided to write
smb-enum-users-empty-password next.

Priorities:
* Start to write smb-enum-users-empty-password
("A common activity for pentesters going for Active Directories
is user enumeration of the domain controller. A script to automate
the process of listing users and finding which have empty passwords
would save us time.")



Jiayi,

How is this different than the following?

echo > blank.txt
nmap -p445 --script smb-brute --script-args passdb=blank.txt $target

I do think that smb-brute needs some work: SMB2 is not supported by NSE,
and it would be nice to have script-args to support bruting discovered
accounts (from smb-enum-users, etc) or for blank passwords or
username==password checks.

Dan

[1] https://nmap.org/nsedoc/scripts/smb-brute.html
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
