PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-10 09:49:05 +00:00
Code Issues Projects Releases Wiki Activity

Update NSEdoc for http-form-brute

Browse Source
This commit is contained in:
dmiller
2016-01-02 04:52:15 +00:00
parent 4e23e6dfde
commit 1863fd84d3
1 changed files with 24 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
scripts/http-form-brute.nse
View File

@@ -22,10 +22,16 @@ the form components can be supplied using arguments method, path, uservar,
and passvar. The same arguments can be used to selectively override
the detection outcome.
The script contains a small database of known web apps' form information. This
improves form detection and also allows for form mangling and custom success
detection functions. If the script arguments aren't expressive enough, users
are encouraged to edit the database to fit.
After attempting to authenticate using a HTTP GET or POST request the script
analyzes the response and attempts to determine whether authentication was
successful or not. The script analyzes this by checking the response using
the following rules:
1. If the response was empty the authentication was successful.
2. If the onsuccess argument was provided then the authentication either
succeeded or failed depending on whether the response body contained
@@ -73,6 +79,10 @@ the following rules:
-- to expect on successful authentication
-- @args http-form-brute.onfailure (optional) sets the message/pattern
-- to expect on unsuccessful authentication
-- @args http-form-brute.sessioncookies Attempt to grab session cookies before
-- submitting the form. Setting this to "false" could speed up cracking
-- against forms that do not require any cookies to be set before logging
-- in. Default: true
--
-- Version 0.5
@@ -475,6 +485,8 @@ action = function (host, port)
local onfailure = stdnse.get_script_args('http-form-brute.onfailure')
local hostname = stdnse.get_script_args('http-form-brute.hostname') or stdnse.get_hostname(host)
local sessioncookies = stdnse.get_script_args('http-form-brute.sessioncookies')
-- Originally intended more granular control with "always" or other strings
-- to say when to grab new session cookies. For now, only boolean, though.
if not sessioncookies then
sessioncookies = true
elseif sessioncookies == "false" then