mailing list archives
Re: [NSE] password guessers for vulnerability scanners and exploitation frameworks
From: Vlatko Kosturjak <kost () linux hr>
Date: Thu, 10 Nov 2011 10:36:11 +0100
On Thu, Nov 10, 2011 at 08:23:34AM +0100, Patrik Karlsson wrote:
I'll check your scripts out later today!
In regards to Nessus NTP I believe I was seeing that the account could not
be reliably detected in case the dictionary was big and the brute ran with
multiple threads for a while. I'll see if I can find that out for you and
let you know.
Great and Thanks!
I would like to investigate that behaviour since I did not experience it
with the Perl script and NSE.
BTW Since you're the NSE master ;) is there any way to force https directly
from the script when using http.post? That would mitigate the current problem
I mentioned, but not sure if that's the long term solution for this or for
any other script.
Vlatko Kosturjak - KoSt
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/