The @xmloutput section documentation is not done, and I'm not sure how
to best do it, since it will be the same for all brute.lua scripts. This
is how it looks:
metasploit-msgrpc-brute:
<table key="Accounts">
<table>
<elem key="username">root</elem>
<elem key="state">Valid credentials</elem>
<elem key="password">root</elem>
</table>
</table>
<elem key="Statistics">Performed 3 guesses in 4 seconds, average tps: 0</elem>
creds-summary:
<table key="127.0.0.1">
<table key="9929/nping-echo">
<table>
<elem key="password">123456</elem>
<elem key="state">Valid credentials</elem>
</table>
</table>
<table key="55553/unknown">
<table>
<elem key="username">root</elem>
<elem key="state">Valid credentials</elem>
<elem key="password">root</elem>
</table>
</table>
</table>
In addition to fitting better (brute library is the verb, creds library
is the noun), this will allow creds.lua to use creds.Account internally
where necessary (see subsequent commits)
Also change old references to string argument "OPEN" into
creds.State.VALID.
commit fb1fa9373592e81ee004b99cf813e07bf253fbe1
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sun Dec 16 11:49:36 2012 -0500
Fix bug where brute library failed to report error on invalid iterators
commit 5de9e4fa623f88a9b48ef0704244ff843005573a
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sat Oct 6 21:19:08 2012 +0200
Applied patch from Dhiru Kholia adding oracle-brute-stealth and needed changes
reworked the patch slightly and added;
- support for specifying account on command line
- johnfile argument for writing hashes directly to file
- Added support for restricting the amount of guesses performed by the
brute library against users, to prevent account lockouts.
- Added support to guess the username as password as incorrectly
suggested as default behavior by the documentation.
- Added support to guess an empty string as password if not present
in the dictionary. [Patrik]
discovered accounts
* documented engine options
* added new engine option (nostore) that instructs the library not to store
the discovered credentials in the credential database
being found if run in passonly mode.
* Fixed a bug in the brute library preventing detection of duplicate
credential entries requested from the iterator.
Changed getCredentials to allow a bitmask filter
Changed getCredentials to return an iterator instead of a table
Modified the brute library to support the changes
[Patrik]
empty password in our password list. If you want to turn it off, it
would be better to provide an interface that allows an iterator to throw
out certain passwords.
socket:connect(host.ip, port.number)
socket:connect(host.ip, port.number, port.protocol)
to this:
socket:connect(host, port)
connect can take host and port tables now, and the default protocol is
taken from the port table if possible.
