PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-24 16:39:03 +00:00
Code Issues Projects Releases Wiki Activity

o [NSE] Re-enabled support for guessing the username in addition to password

Browse Source 
that was incorrectly removed from the metasploit-xmlrpc-brute in previous
  commit. [Patrik]
This commit is contained in:
patrik
2011-11-11 05:52:52 +00:00
parent 8ec7da89c8
commit 1aa3e7c456
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
scripts/metasploit-xmlrpc-brute.nse
View File

@@ -46,7 +46,7 @@ Driver =
end,
login = function( self, username, password )
local xmlreq='<?xml version="1.0" ?><methodCall><methodName>auth.login</methodName><params><param><value><string>msf</string></value></param><param><value><string>'..password.."</string></value></param></params></methodCall>\n"..string.char(0)
local xmlreq='<?xml version="1.0" ?><methodCall><methodName>auth.login</methodName><params><param><value><string>'..username..'</string></value></param><param><value><string>'..password.."</string></value></param></params></methodCall>\n"..string.char(0)
local status, err = self.socket:send(xmlreq)
if ( not ( status ) ) then
@@ -88,7 +88,6 @@ action = function(host, port)
local engine = brute.Engine:new(Driver, host, port, opts)
engine.options.script_name = SCRIPT_NAME
engine.options.firstonly = true
engine.options.passonly = true
status, result = engine:start()
return result
end