Nmap Development mailing list archives
Re: does this matter?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 18 Apr 2014 10:41:51 -0500
On 04/18/2014 10:18 AM, Mike . wrote:
just talked to George a bit ago about my issue with the router brute force script. he told me i had a -- out of place. i just put that extra dash in and still got an odd errornmap: illegal option -- û so just for the heck of it i ran the dashes as singles and that seemed to work! output here> C:\>nmap -p80 -script http-brute -script-args http-brute.path=/admin/ 192.168.0.1 (notice the single dashes) so the question here is, does it even matter? single or double dashes? but again i am confused. when i run this brute force against this damn login page, nmap still says this : 80/tcp open http syn-ack| http-brute:|_ Path "/admin/" does not require authenticationMAC Address: 50:39:55:44:F5:AE (Cisco Spvtg) i have already tested blank auth and it does not go! what the hell? m|ke _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Mike,Regarding the "illegal option -- û" error, you most likely have a long dash (—) instead of a hyphen (-) in your command line, which is being encoded strangely.
Regarding http-brute (http://nmap.org/nsedoc/scripts/http-brute.html), the script is for auditing HTTP Basic authentication only. If the username and password fields are on a web page, not a browser prompt, then you should be using http-form-brute (http://nmap.org/nsedoc/scripts/http-form-brute.html) instead.
Dan _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- does this matter? Mike . (Apr 18)
- Re: does this matter? Daniel Miller (Apr 18)