Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Please help
From: Hani Benhabiles <kroosec () gmail com>
Date: Fri, 01 Jun 2012 23:15:43 +0100

On 05/31/2012 10:10 PM, David Fifield wrote:
On Thu, May 31, 2012 at 09:35:42PM +0100, Hani Benhabiles wrote:
On 05/31/2012 09:31 PM, James Rogers wrote:
http://nmap.org/nsedoc/scripts/http-brute.html

 From the code http://nmap.org/svn/scripts/http-brute.nse :
local path = nmap.registry.args['http-brute.path']

if ( not(path) ) then
                return "  \n  ERROR: No path was specified (see http-brute.path)"
        end

So it appears that you are getting an error message because there is
no registry key of 'http-brute.path'.

On what operating system/version are you running the command?


On Thu, May 31, 2012 at 7:49 AM, M.Younas Imran<myimran () yahoo com>   wrote:
Hello! If I have bothered you by any mean, I am realy sorry, but either solve my problem or direct me to the URL,
my problem:

Starting Nmap 5.61TEST5 ( http://nmap.org ) at 2012-05-31 16:43 PKT
Nmap scan report for 192.168.202.240
Host is up (0.00085s latency).
PORT   STATE SERVICE
80/tcp open  http
| http-brute:
|_  ERROR: No path was specified (see http-brute.path)



I do not understand the ERROR message.
Thank you.
Regards.
Younas.
It means he should use --script-args="/somepath"

And thinking about it, the path should be default to root like most
other http scripts.

local path = nmap.registry.args['http-brute.path'] or "/"
I believe that http-brute requires a script argument by design, to
reduce the chance that you run it accidentally.

David Fifield
I don't it is necessary, given that there is already a generic test before launching the brute force.

if ( response.status ~= 401 ) then
return (" \n Path \"%s\" does not require authentication"):format(path)
end


Cheers,
Hani.

--
Hani Benhabiles

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]