Re: I: ncrack ?

[Richard Miles <richard.k.miles () googlemail com>]

Hi Fyodor and all nmap fans,

Since ncrack is not supported anymore, there is expectation to include ssh
brute-force at nmap?

Additionally, there is a way to run for example nmap with all scripts
inside exploit, vuln, auth, brute and intrusive EXCEPT the SMB and LDAP
brute-force ones? I would love to run all of them this categories together,
but I'm very concerned about accounts lock-outs and also should be nice to
have a fast version of SQL Injection module since it may take very long.
There is a solution for me?

When I finish scans I always have to review the findings and I try to
create a script to point the relevant things (accounts cracked, systems
vulnerable, etc) but I don't see any pattern to identify them during the
output. There is a project to create a standard nmap output to make parsing
easy? :)

Thanks and sorry for hijack the thread. :)

On Thu, Aug 16, 2012 at 3:41 PM, Fyodor <fyodor () insecure org> wrote:

> On Thu, Aug 09, 2012 at 06:17:10PM +0100, Remo the Last wrote:
> > is ncrack an abandoned project or is it updated? There will be a
> > debian version (ubuntu at this moment!)?
>
> It was a Summer of Code project by Ithilgore.  I'd be happy to do an
> update if he or someone else starts working on it again.  But
> currently, the Nmap Scripting Engine has sort of become our main
> cracking engine:
>
> http://nmap.org/nsedoc/categories/brute.html
>
> Cheers,
> Fyodor
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/