Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] Category - http-default-accounts.nse

From: Tom Sellers <nmap () fadedcode net>
Date: Sun, 13 Apr 2014 08:51:46 -0500
All,
        The script 'http-default-accounts.nse' attempts to login to web
services with default credentials that are defined in its list.  I
think this would meet the following section of the description for the
'intrusive' category:

" or otherwise be perceived as malicious by the target's system administrators."

Most of the other 'auth' scripts gather information without triggering
an authentication event on the remote target.  Those that do, such as
'ms-sql-empty-password' are listed as intrusive.


Thanks much,

Tom
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: