PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-11 02:09:03 +00:00
Code Issues Projects Releases Wiki Activity

Rename the xampp-default-auth script to ftp-brute. Incorporate some code

Browse Source 
improvements in the script from Vlatko Kosturjak. Remove the nobody/e0e0e0e0
test credentials because I can't find a web source to substantiate them.
This commit is contained in:
david
2009-01-26 06:02:45 +00:00
parent 81886dc21d
commit a5b73cf906
3 changed files with 19 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG
View File

@@ -2,6 +2,8 @@
o A new Zenmap translation: French, contributed by Gutek o A new Zenmap translation: French, contributed by Gutek
o The xampp-default-auth.nse script was renamed to ftp-brute.nse.
Nmap 4.85BETA1 [2009-1-23] Nmap 4.85BETA1 [2009-1-23]
o Added Ncat, a much-improved reimplementation of the venerable Netcat o Added Ncat, a much-improved reimplementation of the venerable Netcat

29
scripts/xampp-default-auth.nse → scripts/ftp-brute.nse
View File

@@ -1,20 +1,20 @@
description = [[ description = [[
Check if an XAMP or XAMPP FTP server uses a default username and password. Tries to get FTP login credentials by guessing usernames and passwords.
XAMP is an Apache distribution designed for easy installation and
administration.
]] ]]
--- ---
-- @output -- @output
-- 21/tcp open ftp -- 21/tcp open ftp
-- |_ xampp-default-auth: Login success with u/p: nobody/xampp -- |_ ftp-auth: Login success with u/p: nobody/xampp
--
-- 2008-11-06 Vlatko Kosturjak <kost@linux.hr>
-- Modified xampp-default-auth script to generic ftp-brute script
author = "Diman Todorov <diman.todorov@gmail.com>" author = "Diman Todorov <diman.todorov@gmail.com>"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html" license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"auth", "vuln"} categories = {"auth", "intrusive"}
require "shortport" require "shortport"
@@ -46,14 +46,15 @@ end
action = function(host, port) action = function(host, port)
local res local res
local socket = nmap.new_socket() local socket = nmap.new_socket()
local authcombinations = {
{user="nobody", password="xampp"}, --- XAMPP default ftp
}
socket:connect(host.ip, port.number) for _, combination in pairs (authcombinations) do
res = login(socket, "nobody", "e0e0e0e0") socket:connect(host.ip, port.number)
socket:close() res = login(socket, combination.user, combination.password)
socket:close()
socket:connect(host.ip, port.number) end
res = login(socket, "nobody", "xampp")
socket:close()
return res return res
end end

4
scripts/script.db
View File

@@ -22,6 +22,8 @@ Entry{ category = "auth", filename = "ftp-anon.nse" }
Entry{ category = "safe", filename = "ftp-anon.nse" } Entry{ category = "safe", filename = "ftp-anon.nse" }
Entry{ category = "default", filename = "ftp-bounce.nse" } Entry{ category = "default", filename = "ftp-bounce.nse" }
Entry{ category = "intrusive", filename = "ftp-bounce.nse" } Entry{ category = "intrusive", filename = "ftp-bounce.nse" }
Entry{ category = "auth", filename = "ftp-brute.nse" }
Entry{ category = "intrusive", filename = "ftp-brute.nse" }
Entry{ category = "default", filename = "html-title.nse" } Entry{ category = "default", filename = "html-title.nse" }
Entry{ category = "discovery", filename = "html-title.nse" } Entry{ category = "discovery", filename = "html-title.nse" }
Entry{ category = "safe", filename = "html-title.nse" } Entry{ category = "safe", filename = "html-title.nse" }
@@ -107,5 +109,3 @@ Entry{ category = "safe", filename = "upnp-info.nse" }
Entry{ category = "discovery", filename = "whois.nse" } Entry{ category = "discovery", filename = "whois.nse" }
Entry{ category = "external", filename = "whois.nse" } Entry{ category = "external", filename = "whois.nse" }
Entry{ category = "safe", filename = "whois.nse" } Entry{ category = "safe", filename = "whois.nse" }
Entry{ category = "auth", filename = "xampp-default-auth.nse" }
Entry{ category = "vuln", filename = "xampp-default-auth.nse" }