Nmap Development mailing list archives
Re: http-form-brute: uservar bug
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 11 May 2011 07:09:46 -0500
I got a chance to look at this, and the problem is that the script retrieves the argument, then checks if uservar OR passvar are not set. If either is not set, it looks through the page to try to guess the right fields. If it can't guess, then it sets them BOTH to nil. Here's a patch that checks if either is set separately and guesses only for the unset field: Index: http-form-brute.nse =================================================================== --- http-form-brute.nse (revision 23138) +++ http-form-brute.nse (working copy) @@ -134,8 +134,12 @@ local path = nmap.registry.args['http-form-brute.path'] or "/" local status, result, engine - if ( not(uservar) or not(passvar) ) then + if ( not(uservar) and not(passvar) ) then uservar, passvar = detectFormFields( host, port, path ) + elseif ( not(uservar) ) then + uservar, _ = detectFormFields( host, port, path ) + elseif ( not(passvar) ) then + _, passvar = detectFormFields( host, port, path ) end if ( not( uservar ) ) then return " \n ERROR: No uservar was specified (see http-form-brute.uservar)" Dan On Tue, May 10, 2011 at 9:49 PM, Josh Greenwood <joshgreenwood () gmail com>wrote:
If I'm reading the documentation correctly, the following scan should work: ./nmap --script http-form-brute --script-args http-form-brute.uservar=username 192.168.0.1 Yet I get the following error: PORT STATE SERVICE 80/tcp open http | http-form-brute: |_ ERROR: No uservar was specified (see http-form-brute.uservar) Am I providing the uservar value incorrectly, or is this a bug? I'm using nmap 5.51SVN, revision 23136. Please let me know if I can provide additional information. Thanks, Josh _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-form-brute: uservar bug Josh Greenwood (May 10)
- Re: http-form-brute: uservar bug Daniel Miller (May 11)
- Re: http-form-brute: uservar bug Patrik Karlsson (May 11)
- Re: http-form-brute: uservar bug Daniel Miller (May 11)