Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: pcanywhere-brute request for comments
From: Hani Benhabiles <kroosec () gmail com>
Date: Sat, 16 Jun 2012 00:42:12 +0100

On 06/16/2012 12:34 AM, Aleksandar Nikolic wrote:
Hi all,


And third, but most annoying, after it guesses a valid username/password
pair , the server is locked for quite some time, so the script retries
the connection
until the server is available again and it can continue.
Now, to resolve this last issue, there are two options:
1) The script quits after it finds one valid login
or
2) The script loops in a sort of busy wait until the server becomes
available again.

In it's current state, the script implements the second option.

Any thoughts on this ?
Hi Aleks,

I think that a script argument for choosing between the two options with a default value to one of them would be a wise choice. I would argue that the first option of stopping the brute after a valid guess should be the default option, but that is up to you to see how long is the wait after a valid login.

Cheers,
Hani.

--
Hani Benhabiles

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]