PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Move brute.Account to creds.Account

Browse Source 
In addition to fitting better (brute library is the verb, creds library
is the noun), this will allow creds.lua to use creds.Account internally
where necessary (see subsequent commits)

Also change old references to string argument "OPEN" into
creds.State.VALID.
This commit is contained in:
dmiller
2014-09-23 05:23:13 +00:00
parent 379759d539
commit f37ac44380
52 changed files with 103 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
nselib/brute.lua
View File

@@ -7,9 +7,6 @@
-- the brute.threads argument, it defaults to 10.
--
-- The library contains the following classes:
-- * <code>Account</code>
-- ** Implements a simple account class, that converts account "states" to common text representation.
-- ** The state can be either of the following: OPEN, LOCKED or DISABLED
-- * <code>Engine</code>
-- ** The actual engine doing the brute-forcing .
-- * <code>Error</code>
@@ -31,7 +28,7 @@
--
-- The <code>login</code> method does not need a lot of explanation. The login
-- function should return two parameters. If the login was successful it should
-- return true and an <code>Account</code>. If the login was a failure it
-- return true and a <code>creds.Account</code>. If the login was a failure it
-- should return false and an <code>Error</code>. The driver can signal the
-- Engine to retry a set of credentials by calling the Error objects
-- <code>setRetry</code> method. It may also signal the Engine to abort all
@@ -106,7 +103,7 @@
-- status, data = self.socket:receive_bytes(1)
--
-- if ( data:match("SUCCESS") ) then
-- return true, brute.Account:new(username, password, "OPEN")
-- return true, creds.Account:new(username, password, creds.State.VALID)
-- end
-- return false, brute.Error:new( "login failed" )
-- end,
@@ -288,41 +285,6 @@ Options = {
}
-- The account object which is to be reported back from each driver
Account =
{
--- Creates a new instance of the Account class
--
-- @param username containing the user's name
-- @param password containing the user's password
-- @param state containing the account state and should be one of the
-- following <code>OPEN</code>, <code>LOCKED</code>,
-- <code>DISABLED</code>.
new = function(self, username, password, state)
local o = { username = username, password = password, state = state }
setmetatable(o, self)
self.__index = self
return o
end,
--- Converts an account object to a printable script
--
-- @return string representation of object
toString = function( self )
local c
if ( #self.username > 0 ) then
c = ("%s:%s"):format( self.username, #self.password > 0 and self.password or "<empty>" )
else
c = ("%s"):format( ( self.password and #self.password > 0 ) and self.password or "<empty>" )
end
if ( creds.StateMsg[self.state] ) then
return ( "%s - %s"):format(c, creds.StateMsg[self.state] )
else
return ("%s"):format(c)
end
end,
}
-- The Error class, is currently only used to flag for retries
-- It also contains the error message, if one was returned from the driver.
Error =

29
nselib/creds.lua
View File

@@ -235,6 +235,35 @@ RegStorage = {
}
Account = {
--- Creates a new instance of the Account class
--
-- @param username containing the user's name
-- @param password containing the user's password
-- @param state A <code>creds.State</code> account state
-- @return A new <code>creds.Account</code> object
-- @name Account.new
new = function(self, username, password, state)
local o = { username = username, password = password, state = state }
setmetatable(o, self)
self.__index = self
return o
end,
--- Converts an account object to a printable script
--
-- @return string representation of object
-- @name Account.__tostring
__tostring = function( self )
return (
(self.user and self.user .. ":" or "") ..
(self.pass ~= "" and self.pass or "<empty>") ..
(self.state and " - " .. self.state or "")
)
end,
}
-- The credentials class
Credentials = {

2
scripts/ajp-brute.nse
View File

@@ -69,7 +69,7 @@ Driver = {
err:setRetry( true )
return false, err
elseif( response.status ~= 401 ) then
return true, brute.Account:new(user, pass, creds.State.VALID)
return true, creds.Account:new(user, pass, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )
end,

4
scripts/backorifice-brute.nse
View File

@@ -261,7 +261,7 @@ local Driver =
-- @param username string containing username which is disregarded
-- @param password string containing login password
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function( self, username, password )
local status, msg = self.bo:try_password(password,nil)
if status then
@@ -272,7 +272,7 @@ local Driver =
nmap.registry.credentials['backorifice'] = {}
end
table.insert( nmap.registry.credentials.backorifice, { password = password } )
return true, brute.Account:new("", password, creds.State.VALID)
return true, creds.Account:new("", password, creds.State.VALID)
else
-- The only indication that the password is incorrect is a timeout
local err = brute.Error:new( "Incorrect password" )

2
scripts/cassandra-brute.nse
View File

@@ -80,7 +80,7 @@ Driver = {
if (magic == cassandra.LOGINSUCC) then
stdnse.debug3("Account SUCCESS: "..combo)
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
elseif (magic == cassandra.LOGINFAIL) then
stdnse.debug3("Account FAIL: "..combo)
return false, brute.Error:new( "Incorrect password" )

3
scripts/cvs-brute-repository.nse
View File

@@ -1,5 +1,6 @@
local brute = require "brute"
local coroutine = require "coroutine"
local creds = require "creds"
local cvs = require "cvs"
local io = require "io"
local nmap = require "nmap"
@@ -68,7 +69,7 @@ Driver =
-- script can use them later.
self.host.registry.cvs_repos = self.host.registry.cvs_repos or {}
table.insert(self.host.registry.cvs_repos, password)
return true, brute.Account:new(username, password, 0)
return true, creds.Account:new(username, password, 0)
end
return false, brute.Error:new( "Incorrect password" )
end,

2
scripts/cvs-brute.nse
View File

@@ -58,7 +58,7 @@ Driver =
login = function( self, username, password )
local status, err = self.helper:login( self.repo, username, password )
if ( status ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
-- This error seems to indicate that the user does not exist

4
scripts/domcon-brute.nse
View File

@@ -120,7 +120,7 @@ Driver =
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function( self, username, password )
local data = ("#UI %s,%s\n"):format(username,password)
local status
@@ -141,7 +141,7 @@ Driver =
if ( status and data:match("NOT_REG_ADMIN") ) then
not_admins[username] = true
elseif( status and data:match("VALID_USER") ) then
return true, brute.Account:new( username, password, creds.State.VALID)
return true, creds.Account:new( username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )

2
scripts/dpap-brute.nse
View File

@@ -76,7 +76,7 @@ Driver = {
end
if ( data:match("^HTTP/1.1 200 OK") ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )

2
scripts/ftp-brute.nse
View File

@@ -85,7 +85,7 @@ Driver = {
stdnse.debug1("Received: %s", line)
if(string.match(line, "^230")) then
stdnse.debug1("Successful login: %s/%s", user, pass)
return true, brute.Account:new( user, pass, creds.State.VALID)
return true, creds.Account:new( user, pass, creds.State.VALID)
elseif(string.match(line, "^530")) then
return false, brute.Error:new( "Incorrect password" )
elseif(string.match(line, "^220")) then

2
scripts/http-brute.nse
View File

@@ -97,7 +97,7 @@ Driver = {
nmap.registry.credentials['http'] = {}
end
table.insert( nmap.registry.credentials.http, { username = username, password = password } )
return true, brute.Account:new( username, password, creds.State.VALID)
return true, creds.Account:new( username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )
end,

2
scripts/http-form-brute.nse
View File

@@ -138,7 +138,7 @@ Driver = {
nmap.registry['credentials'] = nmap.registry['credentials'] or {}
nmap.registry.credentials['http'] = nmap.registry.credentials['http'] or {}
table.insert( nmap.registry.credentials.http, { username = username, password = password } )
return true, brute.Account:new( username, password, creds.State.VALID)
return true, creds.Account:new( username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )

4
scripts/http-joomla-brute.nse
View File

@@ -95,9 +95,7 @@ Driver = {
if response.body and not( response.body:match('name=[\'"]*'..self.options.passvar ) ) then
stdnse.debug2("Response:\n%s", response.body)
local c = creds.Credentials:new(SCRIPT_NAME, self.host, self.port )
c:add(username, password, creds.State.VALID )
return true, brute.Account:new( username, password, "OPEN")
return true, creds.Account:new( username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )
end,

2
scripts/http-proxy-brute.nse
View File

@@ -63,7 +63,7 @@ Driver = {
-- if we didn't get a 407 error, assume the credentials
-- were correct. we should probably do some more checks here
if ( response.status ~= 407 ) then
return true, brute.Account:new( username, password, creds.State.VALID)
return true, creds.Account:new( username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )

2
scripts/http-wordpress-brute.nse
View File

@@ -93,7 +93,7 @@ Driver = {
if response.status == 302 then
local c = creds.Credentials:new( SCRIPT_NAME, self.host, self.port )
c:add(username, password, creds.State.VALID )
return true, brute.Account:new( username, password, "OPEN")
return true, creds.Account:new( username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )

2
scripts/iax2-brute.nse
View File

@@ -52,7 +52,7 @@ Driver = {
login = function(self, username, password)
local status, resp = self.helper:regRelease(username, password)
if ( status ) then
return true, brute.Account:new( username, password, creds.State.VALID )
return true, creds.Account:new( username, password, creds.State.VALID )
elseif ( resp == "Release failed" ) then
return false, brute.Error:new( "Incorrect password" )
else

4
scripts/imap-brute.nse
View File

@@ -72,13 +72,13 @@ Driver =
-- @param username string containing the username
-- @param password string containing the password
-- @return status true on success, false on failure
-- @return brute.Error on failure and brute.Account on success
-- @return brute.Error on failure and creds.Account on success
login = function( self, username, password )
local status, err = self.helper:login( username, password, mech )
if ( status ) then
self.helper:close()
self.helper:connect()
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
if ( err:match("^ERROR: Failed to .* data$") ) then
self.helper:close()

6
scripts/informix-brute.nse
View File

@@ -73,7 +73,7 @@ Driver =
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function( self, username, password )
local status, data = self.helper:Login( username, password, {} )
@@ -82,10 +82,10 @@ Driver =
nmap.registry['informix-brute'] = {}
end
table.insert( nmap.registry['informix-brute'], { ["username"] = username, ["password"] = password } )
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
-- Check for account locked message
elseif ( data:match("INFORMIXSERVER does not match either DBSERVERNAME or DBSERVERALIASES") ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( data )

2
scripts/irc-brute.nse
View File

@@ -80,7 +80,7 @@ Driver = {
until(not(status))
if (success) then
return true, brute.Account:new("", password, creds.State.VALID)
return true, creds.Account:new("", password, creds.State.VALID)
end
return false, brute.Error:new("Incorrect password")
end,

2
scripts/irc-sasl-brute.nse
View File

@@ -123,7 +123,7 @@ Driver = {
until (not status)
if (success) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new("Incorrect username or password")
end,

2
scripts/iscsi-brute.nse
View File

@@ -50,7 +50,7 @@ Driver = {
local status = self.helper:login( self.target, username, password, "CHAP")
if ( status ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )

2
scripts/membase-brute.nse
View File

@@ -58,7 +58,7 @@ Driver = {
err:setRetry( true )
return false, err
end
return true, brute.Account:new( arg_bucketname or username, password, creds.State.VALID)
return true, creds.Account:new( arg_bucketname or username, password, creds.State.VALID)
end,
disconnect = function(self)

2
scripts/metasploit-msgrpc-brute.nse
View File

@@ -88,7 +88,7 @@ Driver = {
data = http.post(self.host,self.port, "/api/",options, nil , encode(user,pass))
if data and data.status and tostring( data.status ):match( "200" ) then
if string.find(data.body,"success") then
return true, brute.Account:new( user, pass, creds.State.VALID)
return true, creds.Account:new( user, pass, creds.State.VALID)
else
return false, brute.Error:new( "Incorrect username or password" )
end

2
scripts/metasploit-xmlrpc-brute.nse
View File

@@ -70,7 +70,7 @@ Driver =
elseif (string.match(response,"<name>result</name><value><string>success</string></value>")) then
stdnse.debug1("Good login: %s/%s", username, password)
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
stdnse.debug1("WARNING: Unhandled response: %s", response)
return false, brute.Error:new( "unhandled response" )

2
scripts/mmouse-brute.nse
View File

@@ -71,7 +71,7 @@ Driver = {
if (data:match("^CONNECTED\30([^\30]*)") == "NO" ) then
return false, brute.Error:new( "Incorrect password" )
elseif ( data:match("^CONNECTED\30([^\30]*)") == "YES" ) then
return true, brute.Account:new("", password, creds.State.VALID)
return true, creds.Account:new("", password, creds.State.VALID)
end
local err = brute.Error:new("An unexpected error occurred, retrying ...")

2
scripts/mongodb-brute.nse
View File

@@ -49,7 +49,7 @@ Driver = {
login = function(self, username, password)
local status, resp = mongodb.login(self.sock, arg_db, username, password)
if ( status ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
elseif ( resp ~= "Authentication failed" ) then
local err = brute.Error:new( resp )
err:setRetry( true )

2
scripts/mysql-brute.nse
View File

@@ -73,7 +73,7 @@ Driver = {
nmap.registry.mysqlusers = {}
end
nmap.registry.mysqlusers[user]=pass
return true, brute.Account:new( user, pass, creds.State.VALID)
return true, creds.Account:new( user, pass, creds.State.VALID)
end
return false,brute.Error:new( "Incorrect password" )
end,

2
scripts/mysql-enum.nse
View File

@@ -87,7 +87,7 @@ Driver = {
end
if string.find(response,"Access denied for user") == nil then
-- found it
return true, brute.Account:new( pass, nil, creds.State.VALID)
return true, creds.Account:new( pass, nil, creds.State.VALID)
else
return false,brute.Error:new( "Incorrect username" )
end

2
scripts/nessus-brute.nse
View File

@@ -128,7 +128,7 @@ Driver =
end
if ( line:match("SERVER <|> PREFERENCES_ERRORS <|>") ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )

2
scripts/nessus-xmlrpc-brute.nse
View File

@@ -83,7 +83,7 @@ Driver =
local status, response = authenticate(self.host, self.port, username, password)
if ( status and response ) then
if ( response:match("^HTTP/1.1 200 OK.*<status>OK</status>") ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
elseif ( response:match("^HTTP/1.1 200 OK.*<status>ERROR</status>") ) then
return false, brute.Error:new("incorrect login")
end

2
scripts/nexpose-brute.nse
View File

@@ -63,7 +63,7 @@ Driver =
return false, brute.Error:new( "Bad login" )
elseif (response.body:match('<LoginResponse.*success="1"')) then
stdnse.debug1("Good login: %s/%s", username, password)
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
stdnse.debug1("WARNING: Unhandled response: %s", response.body)
return false, brute.Error:new( "incorrect response from server" )

2
scripts/nping-brute.nse
View File

@@ -133,7 +133,7 @@ Driver =
login = function(self, _, password)
if self:testpass(password) then
return true, brute.Account:new("", password, creds.State.VALID)
return true, creds.Account:new("", password, creds.State.VALID)
end
return false, brute.Error:new("Incorrect password")
end,

2
scripts/omp2-brute.nse
View File

@@ -64,7 +64,7 @@ Driver = {
if self.session:authenticate(username, password) then
-- store the account for possible future use
omp2.add_account(self.host, username, password)
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
else
return false, brute.Error:new("login failed")
end

2
scripts/openvas-otp-brute.nse
View File

@@ -90,7 +90,7 @@ Driver =
elseif (string.match(line,"SERVER <|>")) then
stdnse.debug1("Good login: %s/%s", username, password)
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
stdnse.debug1("WARNING: Unhandled response: %s", line)

4
scripts/oracle-brute-stealth.nse
View File

@@ -117,7 +117,7 @@ Driver =
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function( self, username, password )
local status, data = self.helper:StealthLogin( username, password )
@@ -126,7 +126,7 @@ Driver =
if ( johnfile ) then
johnfile:write(("%s:%s\n"):format(username,hash))
end
return true, brute.Account:new(username, hash, creds.State.HASHED)
return true, creds.Account:new(username, hash, creds.State.HASHED)
else
return false, brute.Error:new( data )
end

8
scripts/oracle-brute.nse
View File

@@ -133,7 +133,7 @@ Driver =
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function( self, username, password )
local status, data = self.helper:Login( username, password )
@@ -144,14 +144,14 @@ Driver =
if ( status ) then
self.helper:Close()
ConnectionPool[coroutine.running()] = nil
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
-- Check for account locked message
elseif ( data:match("ORA[-]28000") ) then
return true, brute.Account:new(username, password, creds.State.LOCKED)
return true, creds.Account:new(username, password, creds.State.LOCKED)
-- Check for account is SYSDBA message
elseif ( data:match("ORA[-]28009") ) then
sysdba[username] = true
return true, brute.Account:new(username .. " as sysdba", password, creds.State.VALID)
return true, creds.Account:new(username .. " as sysdba", password, creds.State.VALID)
-- check for any other message
elseif ( data:match("ORA[-]%d+")) then
stdnse.debug3("username: %s, password: %s, error: %s", username, password, data )

2
scripts/pcanywhere-brute.nse
View File

@@ -137,7 +137,7 @@ Driver = {
if status then
retry = true -- now the server is in "locked mode", we need to retry next connection a few times
return true, brute.Account:new( user, pass, creds.State.VALID)
return true, creds.Account:new( user, pass, creds.State.VALID)
end
return false,brute.Error:new( "Incorrect password" )
end,

5
scripts/pop3-brute.nse
View File

@@ -1,5 +1,6 @@
local brute = require "brute"
local comm = require "comm"
local creds = require "creds"
local nmap = require "nmap"
local pop3 = require "pop3"
local shortport = require "shortport"
@@ -73,13 +74,13 @@ Driver = {
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function(self, username, password)
local pstatus
local perror
pstatus, perror = self.login_function(self.socket, username, password, self.additional)
if pstatus then
return true, brute.Account:new(username, password, "OPEN")
return true, creds.Account:new(username, password, creds.State.VALID)
elseif (perror == pop3.err.pwError) then
return false, brute.Error:new("Wrong password.")
elseif (perror == pop3.err.userError) then

2
scripts/redis-brute.nse
View File

@@ -54,7 +54,7 @@ Driver = {
return false, brute.Error:new( "Incorrect password" )
elseif ( status and response.type == redis.Response.Type.STATUS and
"+OK" ) then
return true, brute.Account:new( "", password, creds.State.VALID)
return true, creds.Account:new( "", password, creds.State.VALID)
else
local err = brute.Error:new( response.data )
err:setRetry( true )

2
scripts/rexec-brute.nse
View File

@@ -73,7 +73,7 @@ Driver = {
local response
status, response = self.socket:receive()
if ( status ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )
end,

2
scripts/rlogin-brute.nse
View File

@@ -130,7 +130,7 @@ Driver = {
return false, brute.Error:new( "Incorrect password" )
end
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end,
disconnect = function(self)

2
scripts/rpcap-brute.nse
View File

@@ -46,7 +46,7 @@ Driver = {
login = function(self, username, password)
local status, resp = self.helper:login(username, password)
if ( status ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )
end,

2
scripts/rsync-brute.nse
View File

@@ -58,7 +58,7 @@ Driver = {
elseif ( not(status) ) then
return false, brute.Error:new( "Login failed" )
else
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
end,

2
scripts/sip-brute.nse
View File

@@ -65,7 +65,7 @@ Driver = {
end
return false, brute.Error:new( "Incorrect password" )
end
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end,
disconnect = function(self) return self.helper:close() end,

7
scripts/sip-enum-users.nse
View File

@@ -7,6 +7,7 @@ local stdnse = require "stdnse"
local table = require "table"
local math = require "math"
local brute = require "brute"
local creds = require "creds"
local unpwdb = require "unpwdb"
description = [[
@@ -192,17 +193,17 @@ Driver = {
-- requires authentication
if responsecode == sip.Error.UNAUTHORIZED or
responsecode == sip.Error.PROXY_AUTH_REQUIRED then
return true, brute.Account:new(password, " Auth required", '')
return true, creds.Account:new(password, " Auth required", '')
-- If response status code is 200, then extension exists
-- and requires no authentication
elseif responsecode == sip.Error.OK then
return true, brute.Account:new(password, " No auth", '')
return true, creds.Account:new(password, " No auth", '')
-- If response status code is 200, then extension exists
-- but access is forbidden.
elseif responsecode == sip.Error.FORBIDDEN then
return true, brute.Account:new(password, " Forbidden", '')
return true, creds.Account:new(password, " Forbidden", '')
end
return false,brute.Error:new( "Not found" )
else

4
scripts/smtp-brute.nse
View File

@@ -73,13 +73,13 @@ Driver =
-- @param username string containing the username
-- @param password string containing the password
-- @return status true on success, false on failure
-- @return brute.Error on failure and brute.Account on success
-- @return brute.Error on failure and creds.Account on success
login = function( self, username, password )
local status, err = smtp.login( self.socket, username, password, mech )
if ( status ) then
smtp.quit(self.socket)
ConnectionPool[coroutine.running()] = nil
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
if ( err:match("^ERROR: Failed to .*") ) then
self.socket:close()

2
scripts/socks-brute.nse
View File

@@ -57,7 +57,7 @@ Driver = {
return false, err
end
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end,
disconnect = function( self )

4
scripts/svn-brute.nse
View File

@@ -199,7 +199,7 @@ Driver =
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function( self, username, password )
local status, msg
@@ -213,7 +213,7 @@ Driver =
self.invalid_users[username] = true
return false, brute.Error:new("Username not found")
elseif ( status and msg:match("success") ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
else
return false, brute.Error:new( "Incorrect password" )
end

7
scripts/telnet-brute.nse
View File

@@ -1,5 +1,6 @@
local comm = require "comm"
local coroutine = require "coroutine"
local creds = require "creds"
local nmap = require "nmap"
local re = require "re"
local U = require "lpeg-utility"
@@ -525,7 +526,7 @@ end
--
-- @param self Driver object
-- @return Status (true or false)
-- @return instance of brute.Account if the operation was successful;
-- @return instance of creds.Account if the operation was successful;
-- instance of brute.Error otherwise
Driver.methods.login = function (self, username, password)
assert(self.conn, "Attempt to use disconnected driver")
@@ -567,13 +568,13 @@ Driver.methods.login = function (self, username, password)
local login_success = function ()
local msg = "Login succeeded"
debug(detail_debug, msg .. loc)
return true, brute.Account:new(username, password, "OPEN")
return true, creds.Account:new(username, password, creds.State.VALID)
end
local login_no_password = function ()
local msg = "Login succeeded without password"
debug(detail_debug, msg .. loc)
return true, brute.Account:new(username, "<none>", "OPEN")
return true, creds.Account:new(username, "", creds.State.VALID)
end
debug(detail_debug, "Login attempt %s:%s%s", username, password, loc)

2
scripts/vmauthd-brute.nse
View File

@@ -73,7 +73,7 @@ Driver = {
status, response = self.socket:receive_buf("\r\n", false)
if ( response:match("^230") ) then
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( "Login incorrect" )

4
scripts/vnc-brute.nse
View File

@@ -68,7 +68,7 @@ Driver =
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
-- creds.Account object on success
login = function( self, username, password )
local status, data = self.vnc:handshake()
@@ -87,7 +87,7 @@ Driver =
status, data = self.vnc:login( nil, password )
if ( status ) then
return true, brute.Account:new("", password, creds.State.VALID)
return true, creds.Account:new("", password, creds.State.VALID)
elseif ( not( data:match("Authentication failed") ) ) then
local err = brute.Error:new( data )
-- This might be temporary, set the retry flag

4
scripts/xmpp-brute.nse
View File

@@ -75,13 +75,13 @@ Driver =
-- @param username string containing the username
-- @param password string containing the password
-- @return status true on success, false on failure
-- @return brute.Error on failure and brute.Account on success
-- @return brute.Error on failure and creds.Account on success
login = function( self, username, password )
local status, err = self.helper:login( username, password, mech )
if ( status ) then
self.helper:close()
self.helper:connect()
return true, brute.Account:new(username, password, creds.State.VALID)
return true, creds.Account:new(username, password, creds.State.VALID)
end
if ( err:match("^ERROR: Failed to .* data$") ) then
self.helper:close()