Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: pcanywhere-brute request for comments
From: Henri Doreau <henri.doreau () gmail com>
Date: Sat, 16 Jun 2012 09:17:03 +0200

2012/6/16 Aleksandar Nikolic <nikolic.alek () gmail com>:
[...]
And third, but most annoying, after it guesses a valid username/password
pair , the server is locked for quite some time, so the script retries
the connection
until the server is available again and it can continue.
Now, to resolve this last issue, there are two options:
1) The script quits after it finds one valid login
or
2) The script loops in a sort of busy wait until the server becomes
available again.

In it's current state, the script implements the second option.

Any thoughts on this ?
Hello,

selecting one of the two possible behaviors you describe should be
done with the brute.firstonly parameter.

Also, what do you mean by "quite some time"? If you detect this
behavior (pcAnywhere implementation) and if this value is always the
same between versions, then your code could just sleep() for this
duration? Or is there a need for an active sleep(<short time>) and
retry cycle?

Regards.

-- 
Henri
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault