Nmap Development mailing list archives
[NSE] Announcement: Alternate fingerprints for http-default-accounts
From: nnposter <nnposter () users sourceforge net>
Date: Sun, 30 Sep 2018 14:23:31 -0600
Some time ago Paulino has authored NSE script http-default-accounts, which is designed to detect presence of default accounts on HTTP targets. The script uses a fingerprint dataset to cope with various targets and their login flows. A default dataset is included with nmap. I have put together an alternate fingerprint dataset, which consists of 300 fingerprints. Both common platforms and quite a few specialized devices are covered, including thermostats, pool pumps, door locks, intercoms, maritime navigation, solar systems, and RF relays. https://github.com/nnposter/nndefaccts (Licensed under GPL 3+) It should work reasonably well with any relatively recent version of nmap but for the best experience I do recommend using 7.70 because of relevant improvements that were made to NSE libraries over the past few years. This dataset is maintained separately from nmap proper so please do not report problems to this dev list or through nmap issues on GitHub. Instead please review the repository README and open a GitHub issue at https://github.com/nnposter/nndefaccts/issues Cheers, nnposter _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Announcement: Alternate fingerprints for http-default-accounts nnposter (Sep 30)