Nmap Development mailing list archives

Re: nmap http auth update


From: Vishal Nandwani <vlnandwa () ncsu edu>
Date: Wed, 21 Jan 2009 20:28:39 -0500

David,

Thank you for your suggestions to improve the script before it gets
included.  I apologize for such a late reply, but we are just a group of
students who stay busy on a constant basis.  We just returned to class from
winter break and would like to get things rolling again.

In your last reply, you informed me of r10954 from 2008-11-07 as the latest
build for nmap.  At this point in time, is there anything later we should
modify the script or should this be the build we work with?

On behalf of my group members, thank you for taking the time to work with us
and your guidance in this project.

All the best,

Vishal

On Mon, Dec 8, 2008 at 11:54 AM, David Fifield <david () bamsoftware com> wrote:

On Tue, Dec 02, 2008 at 11:53:53AM -0500, Vishal Nandwani wrote:
Attached in this e-mail is an NSE script titled http-dict.nse.  It updates
the http auth script to include md5 as well as a larger dictionary.  We hope
the community finds this useful and that the script is considered for code
integration into the next version of nmap.

Thank you for your contribution. It is most welcome. I tried out your
modified script and it worked for me. I'd like to see it included with
Nmap. There are a few changes I'd like you to make before it is
included.

Your updated script is based on a slightly old version of http-auth.nse
and it doesn't have some recent improvements from Vlatko Kosturjak. Can
you make your changes again based on r10954 from 2008-11-07?

Before adding any new user names and passwords to the script, I want to
see measurements showing that they occur frequently, or at least
documentation as to what devices use each authentication pair. It's easy
to add new user names and passwords, but each one incurs a cost in run
time and network traffic. Please leave the expanded dictionaries out of
your updated submission.

Where did the value for cnonce ("f5d6811482d3ab57d18f06dfe240f390") come
from? If it's meant to be random then you could use openssl.rand_bytes
or openssl.rand_pseudo_bytes.

Don't be discouraged. We often ask for changes to patches before they
are accepted. Thanks again for your improvements. I look forward to
merging the next version of your script.

David Fifield


--
Vishal L Nandwani
vlnandwa () ncsu edu

Senior, NC State University
Computer Science
