Re: [nmap-svn] r13466 - nmap-exp/ithilgore/ncrack

[ithilgore <ithilgore.ryu.l () gmail com>]

David Fifield wrote:
> On Mon, Jun 01, 2009 at 05:34:23PM -0700, commit-mailer () insecure org wrote:
> > Author: ithilgore
> > Date: Mon Jun  1 17:34:22 2009
> > New Revision: 13466
> >
> > Modified:
> >    nmap-exp/ithilgore/ncrack/Service.cc
> >    nmap-exp/ithilgore/ncrack/Service.h
> >    nmap-exp/ithilgore/ncrack/ftp_module.cc
> >    nmap-exp/ithilgore/ncrack/ncrack.cc
> >    nmap-exp/ithilgore/ncrack/services.cc
> >
> > Log:
> > Implemented -L,-P options (login/pass filenames) - ftp module working fully now.
>
> I want to try this out. But before I go look for an FTP server that's
> easy to set up with a list of users and password, I thought I'd ask your
> advice. What server software are you using in your testing, and can you
> post a brief howto on setting it up for testing Ncrack?
>
> David Fifield
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org


I have tested it so far against a proftpd server (running on my local network)
which by default setups usernames/passwords corresponding to the system's local
ones. In fact, I only needed to invoke proftpd and do nothing else (and this
from an Arch Linux system which has a fame for *not* meddling with the packages'
default configuration files).

Then you only need to do something like this:
./ncrack ftp://10.0.0.10 -L <file> -P <file>

and optionally -d4  to see each username/password attempt as it takes place.

Btw, I am at the moment writing a mail which explains Ncrack's timing engine and
options and which will shed some light behind its inner workings.

-- ithilgore





_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org