Added support for scripts to report invalid (non-existing) accounts back

to the brute library. This way, they're removed from further guessing. [Patrik]
2025-12-25 00:49:01 +00:00 · 2011-07-21 05:56:58 +00:00
parent 4c03e43d2f
commit 2faca7aed1
1 changed files with 16 additions and 0 deletions
--- a/nselib/brute.lua
+++ b/nselib/brute.lua
@@ -177,6 +177,8 @@
 -- Revised 06/19/2011 - v0.7 - added support for creds library [Patrik]
 -- Revised 07/07/2011 - v0.71- fixed some minor bugs, and changed credential
 --                             iterator to use a file handle instead of table
+-- Revised 07/21/2011 - v0.72- added code to allow script reporting invalid
+--								(non existing) accounts using setInvalidAccount

 module(... or "brute", package.seeall)
 require 'unpwdb'
@@ -349,6 +351,18 @@ Error =
 	-- @param b boolean true if done, unset or false if not
 	setDone = function( self, b ) self.done = b end,
 	
+	-- Marks the username as invalid, aborting further guessing.
+	-- @param username
+	setInvalidAccount = function(self, username)
+		self.invalid_account = username
+	end,
+
+	-- Checks if the error reported the account as invalid.
+	-- @return username string containing the invalid account
+	isInvalidAccount = function(self)
+		return self.invalid_account 
+	end,
+	
 }

 -- The brute engine, doing all the nasty work
@@ -554,6 +568,8 @@ Engine =
 					break
 				elseif( response and response:isDone() ) then
 					break
+				elseif ( response and response:isInvalidAccount() ) then
+					self.found_accounts[response:isInvalidAccount()] = true
 				end
 			end