NSEDoc

Scripts (show 437)(437)Scripts (437)

Libraries (show 106)(106)Libraries (106)

File `ajp-brute`

Script types: portrule
Categories: intrusive, brute
Download: http://nmap.org/svn/scripts/ajp-brute.nse

User Summary

Performs brute force passwords auditing against the Apache JServ protocol. The Apache JServ Protocol is commonly used by web servers to communicate with back-end Java application server containers.

Script Arguments

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap -p 8009 <ip> --script ajp-brute

Script Output

PORT     STATE SERVICE
8009/tcp open  ajp13
| ajp-brute: 
|   Accounts
|     root:secret - Valid credentials
|   Statistics
|_    Performed 1946 guesses in 23 seconds, average tps: 82

Requires

Author: Patrik Karlsson

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Sponsors

NSEDoc

Categories

Scripts (show 437)(437)Scripts (437)

Libraries (show 106)(106)Libraries (106)

File `ajp-brute`

User Summary

Script Arguments

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

Example Usage

Script Output

Requires

Nmap Site Navigation

Sponsors

NSEDoc

Categories

Scripts (show 437)(437)Scripts (437)

Libraries (show 106)(106)Libraries (106)

File ajp-brute

User Summary

Script Arguments

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

Example Usage

Script Output

Requires

Nmap Site Navigation

File `ajp-brute`