Home page logo
/

nmap-dev logo Nmap Development mailing list archives

http-brute fails on json-rpc
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Mon, 21 Mar 2011 21:57:20 +0200

I tested http-brute script against a json-rpc service. The script
failed to detect the valid credentials. It tried the correct
credentials against the daemon, but the payload was an invalid
json-rpc message so the daemon returned code 500 (~parse error). I
have attached a patch that fixes the problem by adding code 500 to
indicate success. The original code has a comment that discusses the
problem. The comment mentions that code 500 is a likely candidate for
being added in the future. If the patch is applied the comment should
probably be updated as well, but I left it as it is for now.

There may still be some other codes that deserve to be among the ones
that indicate success. We could create a heuristic that tests a few
long random strings against a service to see which codes are returned
on failure. We could then interpret any other codes as success. At
least we could print such candidates to debugging output.

  --Toni

Attachment: http-brute-code500.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • http-brute fails on json-rpc Toni Ruottu (Mar 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault