Nmap Development mailing list archives
Re: Nmap Erros on URI using NSE
From: Shritam Bhowmick <shritam.bhowmick () gmail com>
Date: Thu, 14 Aug 2014 22:54:14 +0530
Hi nmposter, That's great. Looking forward to the enhancements. On a side note, could I get the whole script because I manually changed your patch code to the original nmap script! Is there any way, I can update my nmap scrip db, I tried nmap --scrip-dbupdate on kali. It seems not to work. I need the code to make it work. I did common spell mistakes while changing the code as well. Regards Shritam Bhowmick Founder at OpenFire Technologies. Penetration Tester at+OpenFire Security. Web Application Analysis and Research. www.openfire-security.net http://forum.openfire-security.net The information contained herein (including any accompanying documents) is confidential and is intended solely for the addressee(s). It may contain proprietary, confidential, privileged information or other information subject to legal restrictions. If you are not the intended recipient of this message, please do not read, copy, use or disclose this message or its attachments. Please notify the sender immediately and delete all copies of this message and any attachments. This e-mail message including attachment(s), if any, is believed to be free of any virus. However, it is the responsibility of the recipient to ensure for absence of viruses. OpenFire Technologies shall not be held responsible nor does it accept any liability for any damage arising in any way from its use. On Thu, Aug 14, 2014 at 10:48 PM, <nnposter () users sourceforge net> wrote:
Shritam Bhowmick wrote:nmap pentesteracademylab.appspot.com -n --script=http-form-brute --script-args 'http-form-brute.path="/lab/webapp/1", http-form-brute.hostname="pentesteracademylab.appspot.com", passdb="/root/Desktop/pentesteracademy/challenge1/passwords.txt", userdb="/root/Desktop/pentesteracademy/challenge1/users.txt", http-form-brute.passvar=password, http-form-brute.uservar=email' -vvv<snip>But the script gave out no output still. I think there is an issue. I had tested using hydra, and this worked fine!?If you run your CLI with -d you would see: PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-form-brute: |_ ERROR: Failed to retrieve path (/lab/webapp/1) from server Final times for host: srtt: 0 rttvar: 3750 to: 100000 The reason is that the server is configured to reject POST requests while your CLI is missing "http-form-brute.method=get". (As noted in my previous e-mail, the script still uses POST by default.) There is room for improvement of the auto-detection but I have not tried to address that with my patch. Cheers, nnposter _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Nmap Erros on URI using NSE, (continued)
- Re: Nmap Erros on URI using NSE Daniel Miller (Aug 09)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 09)
- Re: Nmap Erros on URI using NSE Daniel Miller (Aug 10)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 10)
- Re: Nmap Erros on URI using NSE Robin Wood (Aug 10)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 11)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 09)
- Re: Nmap Erros on URI using NSE nnposter (Aug 12)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 13)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE nnposter (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Robin Wood (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Robin Wood (Aug 14)
- Re: Nmap Erros on URI using NSE nnposter (Aug 14)
- Re: Nmap Erros on URI using NSE Robin Wood (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 14)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 15)
- Re: Nmap Erros on URI using NSE nnposter (Aug 18)
- Re: Nmap Erros on URI using NSE Shritam Bhowmick (Aug 19)
- Re: Nmap Erros on URI using NSE Daniel Miller (Aug 09)