Re: Ncrack telnet module

[nnposter <nnposter () users sourceforge net>]

On 6/15/17 4:29 PM, bgqueengeek wrote:
> Still not successful yet and I upgraded my nmap version. 
>
> Using the following syntax to attempt a single-threaded attempt:
>
> nmap -p 23 --max-parallelism 1 --script telnet-brute --script-args
> brute.passonly=true,passdb=testPasswords.txt <ip addy>

--max-parallelism is controlling the scanner itself, not the
brute-forcing worker threads. Add the following script arguments instead:

brute.threads=1
brute.start=1


> PORT   STATE SERVICE
> 23/tcp open  telnet
> | telnet-brute: 
> |   Accounts: No valid accounts found
> |_  Statistics: Performed 1 guesses in 164 seconds, average tps: 0.0

Something is seriously not working here. A single guess should not take
almost three minutes.


> Problem is I know the lone password in the testPasswords.txt file is the
> valid password.
>
> Checking the brute NSE library page for more ideas, but open to any.

This is hard to diagnose without more data. Can you provide a
pcap/pcapng of a single nmap run against the target together with nmap
output, while making sure that you are using the thread settings from
above and enabling debug logging with -ddd?

nmap -ddd -n -Pn -p23 --script telnet-brute --script-args
brute.passonly=true,brute.threads=1,brute.start=1,passdb=testPasswords.txt
<ip addy>

Feel free to send the two unedited files to me privately.


Cheers,
nnposter
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/