File backorifice-brute
Script types:
portrule
Categories:
intrusive, brute
Download: http://nmap.org/svn/scripts/backorifice-brute.nse
User Summary
Performs brute force password auditing against the BackOrifice service. The
backorifice-brute.ports script argument is mandatory (it specifies ports to run
the script against).
Script Arguments
backorifice-brute.ports
(mandatory) List of UDP ports to run the script against separated with "," ex. "U:31337,25252,151-222", "U:1024-1512"
This script uses the brute library to perform password guessing. A
successful password guess is stored in the nmap registry, under the
nmap.registry.credentials.backorifice table for other BackOrifice
scripts to use.
passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb
See the documentation for the unpwdb library.Example Usage
nmap -sU --script backorifice-brute <host> --script-args backorifice-brute.ports=<ports>
Script Output
PORT STATE SERVICE 31337/udp open BackOrifice | backorifice-brute: | Accounts: | michael => Valid credentials | Statistics |_ Perfomed 60023 guesses in 467 seconds, average tps: 138
Requires
Author: Gorjan Petrovski
License: Same as Nmap--See http://nmap.org/book/man-legal.html