mirror of
https://github.com/nmap/nmap.git
synced 2026-01-27 00:29:03 +00:00
8a8be1e9f9
http://seclists.org/nmap-dev/2013/q2/101 - Changed line termination from \r\0 to \r\n. - Changed response to the telnet server ECHO "will" / "will not" from outright "do not" to an agreement with whatever the server proposes to make the script work with some daemons. - Removed use of receive_lines(), which was causing either time-outs or unnecessary connection tear-downs due to waiting on a line termination. This change improved the script success rate and/or performance (5x in some cases). - Exposed the connection time-out value as a configurable parameter (telnet-brute.timeout). It defaults to 5s. - Improved handling of connection errors, which were occassionally causing credential combinations to be skipped. - Updated the logged-in status detection logic to make the script work with some daemons. - Avoided overlapping connections to make the script work with daemons that allow only one connection at a time. - Replaced a locally defined routine with stdnse.string_or_blank() for printing out credentials. Changed printing of tested credentials in the debug output to be consistent with script results. - Script will now report if it senses password-only authentication. - Implemented detailed debug messages (e.g. "Sending password") at debug level 3 (configurable). - Expanded the script documentation.
Here is some documentation for Nmap, but these files are much less comprehensive than what you'll find at the actual Nmap documentation site ( http://nmap.org ).