mailing list archives
Re: [NSE] Multi-threaded telnet-brute
From: David Fifield <david () bamsoftware com>
Date: Thu, 15 Aug 2013 00:06:53 -0700
On Wed, Aug 07, 2013 at 01:55:30AM +0000, nnposter () users sourceforge net wrote:
I have put together another revision of telnet-brute.nse with the
objective of utilizing nselib/brute.lua.
- Multi-threaded (thanks to nselib/brute.lua)
- Can automatically reduce number of threads if it senses that the
target supports less than what brute.lua wants to use. Without this
feature the script tends to bail out because brute.lua default of 10
threads is too much for a lot of telnet targets. This saves the user
the trouble of finding out how much the target can take before
launching the script.
- Uses connection pooling for sending multiple login attempts across
the same connection. This significantly improves performance.
- Supports password-only logins.
Thanks, I committed this new revision in r31834.
I would very much appreciate if the community tested the script against
additional target types. If you find the script does not work in your
particular environment then please run it single-threaded (i.e.,
--script-args brute.threads=1) and send me the full nmap output with
debug level 3 (-ddd). Feel free to edit the output to replace the
individual password characters but please do not alter the output
Any constructive feedback is very welcome.
These are the results I saw running against Linux telnetd.
2223/tcp open telnet syn-ack Linux telnetd
| No valid accounts found
| Performed 73 guesses in 114 seconds, average tps: 0
|_ ERROR: Too many retries, aborted ...
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/