Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Ncrack Enhancement

From: Fotis Chantzis <ithilgore.ryu.l () gmail com>
Date: Wed, 8 Mar 2017 21:46:47 -0600
You are right that this could be improved on Ncrack whenever bigger files
are encountered.
The same problem also affects NSE brute-forcing scripts:
http://seclists.org/nmap-dev/2015/q4/196

I'd be happy to apply a patch that improves this case.

On Wed, Feb 22, 2017 at 1:36 AM, Levi Muniz <levi.muniz17 () gmail com> wrote:


To Whom It May Concern:


I downloaded your program *Ncrack* this morning, and I began running some
simple security assessments on my home server. As I was running the crack,
I noticed that my memory had seemed to be elevated, so I checked my current
processes to determine what was causing this. I checked Ncrack’s memory
usage and it was consuming 1.3 GB of RAM, which makes sense because my
password dictionary is 1.3 GB. However, I wonder the consequences of
running an even larger dictionary.

It appears to me that you are loading the entirety of the dictionary and
storing it to a variable of some sort. But why? Wouldn’t it be more memory
efficient to read the file line by line to conserve memory?

I would suspect that the biggest limiting factor of the program would be
network speed, which is significantly slower than disk read times. So even
if my proposed change causes a decrease in speed in reading the dictionary
file, would it even be noticeable?


Regards,

Levi Muniz
Software Developer

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: