http-brute
脚本使用类型:
portrule
脚本所属分类:
intrusive, brute
脚本下载地址: http://nmap.org/svn/scripts/http-brute.nse
Performs brute force password auditing against http basic authentication.
sets the host header in case of virtual hosting
sets the HTTP method to use (default: GET
)
points to the path protected by authentication (default: /
)
执行格式
nmap --script http-brute -p 80 <host> This script uses the unpwdb and brute libraries to perform password guessing. Any successful guesses are stored in the nmap registry, under the nmap.registry.credentials.http key for other scripts to use.
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-brute: | Accounts | Patrik Karlsson:secret => Valid credentials | Statistics |_ Perfomed 60023 guesses in 467 seconds, average tps: 138 Summary ------- x The Driver class contains the driver implementation used by the brute library
Author: Patrik Karlsson, Piotr Olma
License: VER007 整理 http://www.ver007.com