Nmap Development mailing list archives
Re: [NSE] DB2 library and scripts
From: Fyodor <fyodor () insecure org>
Date: Mon, 10 May 2010 13:24:28 -0700
On Mon, May 10, 2010 at 05:03:50PM +0200, Patrik Karlsson wrote:
> Here's an updated threaded version of the db2-brute script. It seems to run well and quickly against my test systems.
>
> I failed to get condvar("signal") to work, as in the example, and had to switch to condvar("broadcast") instead. Can someone provide some insight into why this happens and what I'm doing wrong? Also, the mutex I'm using to create and add to the nmap.registry.db2users table, is it necessary, and if it is, is it implemented correctly?
>
> Testing, feedback, suggestions and comments are welcome as always.
Thanks Patrik. This is an exciting script as it would be the first to use NSE's threading system for parallelization. That also means it is extra-important to get it right, as it will likely serve as a template and standard for future parallelized scripts. If it works really well, we might convert the other 11 brute scripts.

I don't have a DB2 instance to test on, but have you done any benchmarking before and after the change? It would be interesting to see how the number of authentication attempts per second is scaling.

This script seems to dedicate a thread per username. That works great if you have at least 10 (or db2-brute.threads) usernames, but it means you lose the parallelization if you are only testing against one username. I can see that as being a common case. For example, I sometimes get database host names and usernames from web application error messages, but they usually don't print the password. That would be a perfect setup for a db2-brute run against a single username.

Also, this structure forces a somewhat unusual ordering on the authentication attempts. Users might want to try all the passwords for one username before going to the next, or they might want to iterate the username list for each password in order. Ncrack does the latter by default, but also offers --passwords-first for the former approach. So maybe it would be best if you have a bunch of doLogin() threads like you do now, but rather than give each one responsibility for a whole username, you have doLogin() call a function which obtains the next desired user/pass pair using unpw iterators.

It looks like the function takes an argument db2-auth.dbname which should be mentioned in the NSEDoc. I'm not certain if you chose db2-auth because that is a good name to share the argument with other scripts/libraries in the future, or if you changed the script name from db2-auth to db2-brute and didn't update the argument.
Hopefully Patrick can answer your questions about condvar "signal" and whether you need a mutex with the db2users table.

It would be interesting to do some benchmarking of Ncrack and NSE brute scripts against the same services on the same targets (but not at exactly the same time). I think that could help both systems improve.

Cheers,
Fyodor
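The work distribution suggested in the message, as an added example that is not part of the original post or of db2-brute.nse: every worker pulls its next username/password pair from one shared source, which supports both orderings. It assumes plain Lua tables in place of the unpw iterators and coroutines in place of NSE threads; credential_source, run_workers and try_login are hypothetical names.

```lua
-- Added example (not from db2-brute.nse). Plain Lua, no NSE modules.
-- Returns a function handing out the next (user, pass) pair, or nil when done.
--   passwords_first = true : every password for user 1, then user 2, ...
--   passwords_first = false: password 1 for every user, then password 2, ...
local function credential_source(users, passwords, passwords_first)
  local outer, inner = passwords, users
  if passwords_first then outer, inner = users, passwords end
  local o, i = 1, 0
  return function()
    i = i + 1
    if i > #inner then o, i = o + 1, 1 end
    if o > #outer or #inner == 0 then return nil end
    if passwords_first then return outer[o], inner[i] end
    return inner[i], outer[o]
  end
end

-- Workers share one source, so even a single username is spread over all of
-- them. try_login is a hypothetical callback standing in for the real attempt.
local function run_workers(nworkers, next_pair, try_login)
  local attempts, workers = {}, {}
  for w = 1, nworkers do
    attempts[w] = 0
    workers[w] = coroutine.create(function()
      for user, pass in next_pair do
        attempts[w] = attempts[w] + 1
        try_login(w, user, pass)
        coroutine.yield()   -- stands in for blocking on network I/O
      end
    end)
  end
  local alive = nworkers
  while alive > 0 do        -- round-robin until every worker has finished
    alive = 0
    for w = 1, nworkers do
      if coroutine.status(workers[w]) ~= "dead" then
        assert(coroutine.resume(workers[w]))
        alive = alive + 1
      end
    end
  end
  return attempts
end

-- Constructed sample data: one username, six placeholder passwords.
local source = credential_source({ "appuser" }, { "pw1", "pw2", "pw3", "pw4", "pw5", "pw6" }, false)
local attempts = run_workers(3, source, function(w, user, pass)
  print(("worker %d tries %s / %s"):format(w, user, pass))
end)
print("attempts per worker: " .. table.concat(attempts, ", "))
```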