File cvs-brute
Script types:
portrule
Categories:
intrusive, brute
Download: http://nmap.org/svn/scripts/cvs-brute.nse
User Summary
Performs brute force password auditing against CVS pserver authentication.
Script Arguments
cvs-brute.repo
string containing the name of the repository to brute if no repo was given the script checks the registry for any repositories discovered by the cvs-brute-repository script. If the registry contains any discovered repositories, the script attempts to brute force the credentials for the first one.
passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb
See the documentation for the unpwdb library.Example Usage
nmap -p 2401 --script cvs-brute <host>
Script Output
2401/tcp open cvspserver syn-ack | cvs-brute: | Accounts | hotchner:francisco - Account is valid | reid:secret - Account is valid | Statistics |_ Performed 544 guesses in 14 seconds, average tps: 38
Requires
Author: Patrik Karlsson
License: Same as Nmap--See http://nmap.org/book/man-legal.html