PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00
Code Issues Projects Releases Wiki Activity
Files
131dccc5d20cdfe5123c89a3c84d72693b6afa04
nmap/scripts/informix-brute.nse
tomsellers 035ae9e9b1 Updated account status text in brute force password discovery scripts in an effort to make the reporting more consistent across all scripts. This will have an impact on any code that parses these values. 
In the case of a few of these scripts the only thing that was updated was the example text as the scripts relied on the creds library which handles the strings internally.
2011-09-11 12:13:13 +00:00

109 lines
2.7 KiB
Lua
Raw Blame History

description = [[
Performs brute force password auditing against IBM Informix Dynamic Server.
]]
---
-- @usage
-- nmap --script informix-brute -p 9088 <host>
--
-- @output
-- PORT STATE SERVICE
-- 9088/tcp open unknown
-- | informix-brute:
-- | Accounts
-- | ifxnoob:ifxnoob => Valid credentials
-- | Statistics
-- |_ Perfomed 25024 guesses in 75 seconds, average tps: 320
--
-- Summary
-- -------
-- x The Driver class contains the driver implementation used by the brute
-- library
--
--
-- Version 0.1
-- Created 07/23/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
--
author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"intrusive", "auth"}
require 'shortport'
require 'brute'
require 'informix'
require 'creds'
portrule = shortport.port_or_service( { 1526, 9088, 9090, 9092 }, "informix", "tcp", "open")
Driver =
{
new = function(self, host, port)
local o = {}
setmetatable(o, self)
self.__index = self
o.host = host
o.port = port
return o
end,
--- Connects performs protocol negotiation
--
-- @return true on success, false on failure
connect = function( self )
local status, data
self.helper = informix.Helper:new( self.host, self.port, "on_nmap_dummy" )
status, data = self.helper:Connect()
if ( not(status) ) then
return status, data
end
return true
end,
--- Attempts to login to the Informix server
--
-- @param username string containing the login username
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- brute.Account object on success
login = function( self, username, password )
local status, data = self.helper:Login( username, password, {} )
if ( status ) then
if ( not(nmap.registry['informix-brute']) ) then
nmap.registry['informix-brute'] = {}
end
table.insert( nmap.registry['informix-brute'], { ["username"] = username, ["password"] = password } )
return true, brute.Account:new(username, password, creds.State.VALID)
-- Check for account locked message
elseif ( data:match("INFORMIXSERVER does not match either DBSERVERNAME or DBSERVERALIASES") ) then
return true, brute.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( data )
end,
--- Disconnects and terminates the Informix communication
disconnect = function( self )
self.helper:Close()
end,
}
action = function(host, port)
local status, result
local engine = brute.Engine:new(Driver, host, port )
engine.options.script_name = SCRIPT_NAME
status, result = engine:start()
return result
end
Reference in New Issue View Git Blame Copy Permalink