PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-26 01:19:03 +00:00
Code Issues Projects Releases Wiki Activity

Removes duplicate credential structure in favor of NSE library creds. Patch submitted by nnposter fixes #58

Browse Source
This commit is contained in:
paulino
2015-04-16 18:51:45 +00:00
parent 80a14ef0f6
commit 4a95d8f9b2
3 changed files with 24 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/http-form-brute.nse
View File

@@ -12,8 +12,8 @@ description = [[
Performs brute force password auditing against http form-based authentication.
This script uses the unpwdb and brute libraries to perform password
guessing. Any successful guesses are stored in the nmap registry, under
the nmap.registry.credentials.http key for other scripts to use.
guessing. Any successful guesses are stored in the nmap registry, using
the creds library, for other scripts to use.
The script automatically attempts to discover the form method, action, and
field names to use in order to perform password guessing. (Use argument
@@ -234,9 +234,6 @@ Driver = {
if not success then
return false, brute.Error:new("Incorrect password")
end
nmap.registry['credentials'] = nmap.registry['credentials'] or {}
nmap.registry.credentials['http'] = nmap.registry.credentials['http'] or {}
table.insert(nmap.registry.credentials.http, {username = username, password = password})
return true, creds.Account:new(username, password, creds.State.VALID)
end,