dmiller
f42dde7ba2
Document some undocumented script-args
2013-03-05 22:31:39 +00:00
batrick
000f6dc4d9
Lua 5.2 upgrade [1] for NSE.
...
[1] http://seclists.org/nmap-dev/2012/q2/34
2012-05-27 08:53:32 +00:00
fyodor
c9d610ccea
Create a new brute category for brute forcing scripts, move the *-brute scripts from auth category to brute. document it. I don't know what to do with dns-brute so I left it alone (it wasn't in auth category either)
2011-09-30 06:18:55 +00:00
gorjan
4ca48ea450
FIX: Added require 'creds' where it was missing; Mostly where creds.State.<some_state> was used.
2011-07-07 16:22:57 +00:00
patrik
f4bf440b14
o [NSE] Added credential storage library (creds.lua) and modified the brute
...
library and scripts to make use of it. [Patrik]
2011-06-19 17:18:29 +00:00
patrik
5f00edd310
Re-worked the http-form-brute script, the changes include:
...
- autodetecting form fields is now a bit more robust
- only the password field is mandatory
- HTTP re-directs are followed in case they're detected
- the detection of incorrect login attempts has been changed and supports
two new arguments (onsucces, onfailure)
[Patrik]
2011-06-12 18:52:51 +00:00
patrik
079195122d
o [NSE] Applied patch from Daniel Miller that fixes a bug in http-form-brute
...
reported by Josh Greenwood. The script would break if autodetection of
either brute form fields would fail.
http://seclists.org/nmap-dev/2011/q2/524
2011-05-11 13:04:20 +00:00
fyodor
a84c2e4498
Did some NSEDoc cleanup on many of the 45 NSE scripts which are new since the 5.35DC1 Nmap release. Emphasis was on the first paragraph of the description, since that is shown on the front page of http://nmap.org/nsedoc and I'm planning to use that description verbatim (except for removing tags like <code>) for the CHANGELOG
2011-01-14 10:20:51 +00:00
patrik
a2c2a3f84c
o [NSE] Added two new scripts http-brute.nse and http-form-brute that attempt
...
to perform password guessing against web servers and applications. [Patrik]
2010-08-19 20:53:40 +00:00
