Home page logo

nmap-dev logo Nmap Development mailing list archives

[NSE] http-form-brute
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 12 Jun 2011 20:53:45 +0200

Hi all,

I've just committed an updated version of the http-form-brute (as r23914) that I've been working on lately.
It began with Pablo Ares reporting a problem running it against a router he had.
One change led to another and I ended up spending quite some time re-working the script.
I've done some testing myself and Pablo has helped out testing to.
The new version is more stable and introduces the following new functionality:
- autodetecting form fields is now a bit more robust
- only the password field is mandatory
- HTTP re-directs are followed in case they're detected
- the detection of incorrect login attempts has been changed and supports two new arguments (onsucces, onfailure)

The onsuccess and onfailure arguments may be useful when the script can't automatically determine whether a login was 
successful or not.

Patrik Karlsson

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • [NSE] http-form-brute Patrik Karlsson (Jun 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]