Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File ajp-brute

Script types: portrule
Categories: intrusive, brute
Download: http://nmap.org/svn/scripts/ajp-brute.nse

User Summary

Performs brute force passwords auditing against the Apache JServ protocol. The Apache JServ Protocol is commonly used by web servers to communicate with back-end Java application server containers.

Script Arguments

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap -p 8009 <ip> --script ajp-brute

Script Output

PORT     STATE SERVICE
8009/tcp open  ajp13
| ajp-brute:
|   Accounts
|     root:secret - Valid credentials
|   Statistics
|_    Performed 1946 guesses in 23 seconds, average tps: 82

Requires


Author: Patrik Karlsson

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]