Nmap Development mailing list archives
Re: pcanywhere-brute request for comments
From: Hani Benhabiles <kroosec () gmail com>
Date: Sat, 16 Jun 2012 00:42:12 +0100
On 06/16/2012 12:34 AM, Aleksandar Nikolic wrote:
Hi all, And third, but most annoying, after it guesses a valid username/password pair , the server is locked for quite some time, so the script retries the connection until the server is available again and it can continue. Now, to resolve this last issue, there are two options: 1) The script quits after it finds one valid login or 2) The script loops in a sort of busy wait until the server becomes available again. In it's current state, the script implements the second option. Any thoughts on this ?
Hi Aleks,I think that a script argument for choosing between the two options with a default value to one of them would be a wise choice. I would argue that the first option of stopping the brute after a valid guess should be the default option, but that is up to you to see how long is the wait after a valid login.
Cheers, Hani. -- Hani Benhabiles Twitter: https://twitter.com/#!/kroosec Blog: http://kroosec.blogspot.com _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- pcanywhere-brute request for comments Aleksandar Nikolic (Jun 15)
- Re: pcanywhere-brute request for comments Hani Benhabiles (Jun 15)
- Re: pcanywhere-brute request for comments Henri Doreau (Jun 16)
- Re: pcanywhere-brute request for comments Aleksandar Nikolic (Jun 18)
- Re: pcanywhere-brute request for comments Aleksandar Nikolic (Jun 18)
- Re: pcanywhere-brute request for comments Aleksandar Nikolic (Jun 18)