Re: does this matter?

[Daniel Miller <bonsaiviking () gmail com>]

On 04/18/2014 10:18 AM, Mike . wrote:
> just talked to George a bit ago about my issue with the router brute force script. he told me i had a -- out of place. 
> i just put that extra dash in and still got an odd errornmap: illegal option -- û
> so just for the heck of it i ran the dashes as singles and that seemed to work! output here>
>   C:\>nmap -p80 -script http-brute -script-args http-brute.path=/admin/ 192.168.0.1  (notice the single dashes)
> so the question here is, does it even matter? single or double dashes? but again i am confused. when i run this brute force 
> against this damn login page, nmap  still says this : 80/tcp open  http    syn-ack| http-brute:|_  Path "/admin/" does 
> not require authenticationMAC Address: 50:39:55:44:F5:AE (Cisco Spvtg)
> i have already tested blank auth and it does not go! what the hell?
> m|ke                                    
> _______________________________________________
> Sent through the dev mailing list
> http://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
Mike,

Regarding the "illegal option -- û" error, you most likely have a long 
dash (—) instead of a hyphen (-) in your command line, which is being 
encoded strangely.

Regarding http-brute (http://nmap.org/nsedoc/scripts/http-brute.html), 
the script is for auditing HTTP Basic authentication only. If the 
username and password fields are on a web page, not a browser prompt, 
then you should be using http-form-brute 
(http://nmap.org/nsedoc/scripts/http-form-brute.html) instead.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/