PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00
Code Issues Projects Releases Wiki Activity
Files
c0628fd141744c4f73fcc6d5ab40348b51e6ca46
nmap/scripts/iscsi-brute.nse
dmiller f37ac44380 Move brute.Account to creds.Account 
In addition to fitting better (brute library is the verb, creds library
is the noun), this will allow creds.lua to use creds.Account internally
where necessary (see subsequent commits)

Also change old references to string argument "OPEN" into
creds.State.VALID.
2014-09-23 05:23:13 +00:00

91 lines
2.2 KiB
Lua
Raw Blame History

local brute = require "brute"
local creds = require "creds"
local iscsi = require "iscsi"
local shortport = require "shortport"
local stdnse = require "stdnse"
description = [[
Performs brute force password auditing against iSCSI targets.
]]
---
-- @output
-- PORT STATE SERVICE
-- 3260/tcp open iscsi syn-ack
-- | iscsi-brute:
-- | Accounts
-- | user:password123456 => Valid credentials
-- | Statistics
-- |_ Perfomed 5000 guesses in 7 seconds, average tps: 714
-- Version 0.1
-- Created 2010/11/18 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
-- Revised 2010/11/27 - v0.2 - detect if no password is needed <patrik@cqure.net>
author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"intrusive", "brute"}
portrule = shortport.portnumber(3260, "tcp", {"open", "open|filtered"})
Driver = {
new = function(self, host, port)
local o = {}
setmetatable(o, self)
self.__index = self
o.host = host
o.port = port
o.target = stdnse.get_script_args('iscsi-brute.target')
return o
end,
connect = function( self )
self.helper = iscsi.Helper:new( self.host, self.port )
return self.helper:connect()
end,
login = function( self, username, password )
local status = self.helper:login( self.target, username, password, "CHAP")
if ( status ) then
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( "Incorrect password" )
end,
disconnect = function( self )
self.helper:close()
end,
}
action = function( host, port )
local target = stdnse.get_script_args('iscsi-brute.target')
if ( not(target) ) then
return "ERROR: No target specified (see iscsi-brute.target)"
end
local helper = iscsi.Helper:new( host, port )
local status, err = helper:connect()
if ( not(status) ) then return false, "Failed to connect" end
local response
status, response = helper:login( target )
helper:logout()
helper:close()
if ( status ) then return "No authentication required" end
local accounts
local engine = brute.Engine:new(Driver, host, port)
engine.options.script_name = SCRIPT_NAME
status, accounts = engine:start()
if ( status ) then return accounts end
end
Reference in New Issue View Git Blame Copy Permalink