Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: RFC on Ncrack, A new network authentication cracker
From: Corey Chandler <lists () sequestered net>
Date: Tue, 28 Apr 2009 10:28:54 -0700

Fyodor wrote:

o Like the rest of the Nmap suite, it needs to be portable.  Binaries
  must be provided for Linux, Windows, and Mac and the source should
  properly compile on the other major operating systems.

I have spare cycles on Mac, BSD, Linux (32 and 64 bit), and the occasional OpenSolaris box that I'd be willing to invest some debug / compilation testing with.

o It should take inspiration from tools such as Hydra, Cain, and John
  as they certainly do some things right.  We should take the best
  from each, and add our own great ideas and strong implementation.

This may be wildly out of scope, but something I'd ADORE is being able to run it locally against a flatfile (/etc/shadow, for instance) in a similar method as to John the Ripper-- but what John gets wrong, ncrack could do right. Specifically, if you've ever attempted a brute forcing run against a hashed file on modern hardware, you may have noticed that John doesn't take advantage of multiple cores. Back in 2000 that was fine, but coming up on a decade later, I've got boxes with eight cores sitting around idle that it'd be GREAT to be able to say "thread it to use three of those processors." No matter how I play with John, I can't seem to get it to use my (bored silly) quad core box correctly...

Corey Chandler / KB1JWQ
Living Legend / Systems Exorcist
Today's Excuse: The POP server is out of Coke

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]