Nmap Development mailing list archives
Re: Ncrack telnet module
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 13 Jun 2017 20:55:13 -0500
Hi! Thanks for the input. For telnet brute-forcing, the telnet-brute NSE script [1] is very well suited, with intelligent prompt detection based on empirical scanning of hundreds of different device types. Here's an example invocation that tries all username/password combinations from separate wordlists (default is to only run for 10 minutes): nmap -p23 --script telnet-brute --script-args unpwdb.timelimit=0,userdb=users.txt,passdb=passwords.txt 192.0.2.1 Of course, the Ncrack developers on the list may be interested in improving Ncrack in this regard as well. Dan [1] https://nmap.org/nsedoc/scripts/telnet-brute.html On Tue, Jun 13, 2017 at 7:59 PM, bgqueengeek <bgqueengeek () gmail com> wrote:
Hi all; Working with ncrack for scanning some non-standard devices (printers) that do support telnet, but do not prompt with "login". Instead, the session goes straight to the password prompt. Ncrack telnet does not have a way to by-pass the login prompt. As such my ncrack scan fails to test the password I know is correct. I have tested it with Cygwin telnet no problem. Most telnet clients handle this ok in an interactive session, but a wireshark trace of ncrack indicates ncrack never sees the password prompt. I have the source for ncrack_telnet, but would rather not have to hack it up too much. It exists on a linux host, so it builds and installs. I recognize this is old, but any assistance out there would be greatly appreciated. -- View this message in context: http://nmap-dev.996309.n3. nabble.com/Ncrack-telnet-module-tp28740.html Sent from the Nmap - Dev mailing list archive at Nabble.com. _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Ncrack telnet module bgqueengeek (Jun 13)
- Re: Ncrack telnet module Daniel Miller (Jun 13)
- Re: Ncrack telnet module bgqueengeek (Jun 14)
- Re: Ncrack telnet module nnposter (Jun 14)
- Re: Ncrack telnet module bgqueengeek (Jun 14)
- Re: Ncrack telnet module nnposter (Jun 14)
- Re: Ncrack telnet module bgqueengeek (Jun 15)
- Re: Ncrack telnet module nnposter (Jun 15)
- Re: Ncrack telnet module bgqueengeek (Jun 19)
- Re: Ncrack telnet module bgqueengeek (Jun 14)
- Re: Ncrack telnet module Daniel Miller (Jun 13)