
List:       nmap-dev
Subject:    Re: RFC on Ncrack, A new network authentication cracker
From:       Justin Knox <knox.justin () gmail ! com>
Date:       2009-04-29 11:27:12
Message-ID: 784742e40904290427t591c52d3xbc9608e5cc62fbd3 () mail ! gmail ! com

Useful? Absolutely.


username/password db: I think there needs to be not only an included
list compiled by the community, but the ability to specify a list at
run-time. How about passing a regex at runtime to hone the list?
Should there be separate lists for usernames and passwords? How about
a username/password db that is classified based upon OS type or device
manufacturer -- we could use the information from an nmap scan
(service, version, OS detection) to intelligently search that list at
runtime to try to eliminate some brute force time.

speed/accuracy: maybe we could adapt the timing options from nmap to
offer a user-customizable balance to the speed/accuracy situation.

services: +1 on modularity. Source and runtime? I.e., user-selected
services to crack?

using nmap -- how about taking the output of an nmap scan and using it
to generate the target list for ncrack? This is particularly useful if
we've already identified open services (perhaps even version info). If
ncrack can take that at runtime or even via a piped command...that
could be fantastic.

+1 for the suggestion of using the --restore action of jtr.

Mac OS X -- I can offer up some time to test builds on my Mac here.

--Justin

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org