Re: nse crypto
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sat, 12 Mar 2011 17:56:30 +0200
Here is a new version that uses the brute library. I did not notice
any speedups, but using the library seems a good idea anyway, as it
makes this work similarly to other scripts.

Should the library replace an empty password with <empty> when it is
reporting results? I thought I should not do that, as the library could
define a standard way for doing such things.

On Fri, Mar 11, 2011 at 10:25 PM, David Fifield <david () bamsoftware com> wrote:
> On Fri, Mar 11, 2011 at 02:29:39AM +0200, Toni Ruottu wrote:
> > I got the script written using openssl. In the end the crypto was
> > surprisingly manageable, compared to dealing with IPv6 addresses. :-)
> >
> > I have attached the script to this email. I am running an instance of
> > nping echo server with password 12345 at 126.96.36.199. Feel free to
> > test the script against it by commanding
> >
> > nmap 188.8.131.52 -p 9929 --script=nping-brute
> >
> > Trying out passwords is somewhat slow, so testing with really easy
> > ones may be a good idea. Add -d -d to the command line to see
>
> I tried it. It found the correct password after three guesses in 6
> seconds. It seems to do about 1 guess per second on another server.
>
> I think the way to speed it up is to use the brute.lua library. See
> Patrik Karlsson's brute scripts for examples of using it.

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/