PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Move http-form-brute docs from @usage to description

Browse Source
This commit is contained in:
dmiller
2014-08-10 12:34:55 +00:00
parent 4d5950cb42
commit d7d991477a
1 changed files with 23 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
scripts/http-form-brute.nse
View File

@@ -9,35 +9,35 @@ local url = require "url"
description = [[
Performs brute force password auditing against http form-based authentication.
This script uses the unpwdb and brute libraries to perform password
guessing. Any successful guesses are stored in the nmap registry, under
the nmap.registry.credentials.http key for other scripts to use.
The script automatically attempts to discover the form field names to
use in order to perform password guessing. If it fails doing so the form
parameters can be supplied using the uservar and passvar arguments.
After attempting to authenticate using a HTTP POST request the script
analyzes the response and attempt to determine whether authentication was
successful or not. The script analyzes this by checking the response using
the following rules:
1. If the response was empty the authentication was successful
2. If the response contains the message passed in the onsuccess
argument the authentication was successful
3. If no onsuccess argument was passed, and if the response
does not contain the message passed in the onfailure argument the
authentication was successful
4. If neither the onsuccess or onfailure argument was passed and the
response does not contain a password form field authentication
was successful
5. Authentication failed
]]
---
-- @usage
-- nmap --script http-form-brute -p 80 <host>
--
-- This script uses the unpwdb and brute libraries to perform password
-- guessing. Any successful guesses are stored in the nmap registry, under
-- the nmap.registry.credentials.http key for other scripts to use.
--
-- The script automatically attempts to discover the form field names to
-- use in order to perform password guessing. If it fails doing so the form
-- parameters can be supplied using the uservar and passvar arguments.
--
-- After attempting to authenticate using a HTTP POST request the script
-- analyzes the response and attempt to determine whether authentication was
-- successful or not. The script analyzes this by checking the response using
-- the following rules:
-- 1. If the response was empty the authentication was successful
-- 2. If the response contains the message passed in the onsuccess
-- argument the authentication was successful
-- 3. If no onsuccess argument was passed, and if the response
-- does not contain the message passed in the onfailure argument the
-- authentication was successful
-- 4. If neither the onsuccess or onfailure argument was passed and the
-- response does not contain a password form field authentication
-- was successful
-- 5. Authentication failed
--
-- @output
-- PORT STATE SERVICE REASON
-- 80/tcp open http syn-ack
@@ -47,11 +47,6 @@ Performs brute force password auditing against http form-based authentication.
-- | Statistics
-- |_ Perfomed 60023 guesses in 467 seconds, average tps: 138
--
-- Summary
-- -------
-- x The Driver class contains the driver implementation used by the brute
-- library
--
-- @args http-form-brute.path points to the path protected by authentication
-- @args http-form-brute.hostname sets the host header in case of virtual
-- hosting