mailing list archives
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 12 Jun 2011 20:53:45 +0200
I've just committed an updated version of the http-form-brute (as r23914) that I've been working on lately.
It began with Pablo Ares reporting a problem running it against a router he had.
One change led to another and I ended up spending quite some time re-working the script.
I've done some testing myself and Pablo has helped out testing to.
The new version is more stable and introduces the following new functionality:
- autodetecting form fields is now a bit more robust
- only the password field is mandatory
- HTTP re-directs are followed in case they're detected
- the detection of incorrect login attempts has been changed and supports two new arguments (onsucces, onfailure)
The onsuccess and onfailure arguments may be useful when the script can't automatically determine whether a login was
successful or not.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
- [NSE] http-form-brute Patrik Karlsson (Jun 12)