Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Username/Password NSE library
From: Fyodor <fyodor () insecure org>
Date: Tue, 24 Jun 2008 12:42:08 -0700

On Tue, Jun 24, 2008 at 02:31:40PM -0500, Kris Katterjohn wrote:

This is IMO a good idea which I hadn't considered.  What about having the
closure reset back to the beginning when the list is exhausted?  It can return
nil to let the caller know the list is over, but if it still gets called again
it will just recycle through.  One thing about this, though, is that there is
no manual rewinding: you have to go through the whole list to start back
again.  But this should be fine for your specific brute-force method example,

Hi Kris.  That's an interesting idea, but I think a manual reset
function would be better.  As you point out, the implicit reset is a
pain if your script only tries, say, the first 100 passwords for each
username.  You shouldn't have to cycle through thousands more
passwords just to get to the beginning again for the next username.

Also, I think the code is easier to read and understand if the script
has to call reset manually than if it relies on magic side effects
like this.


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]