File ftp-brute
Download: http://nmap.org/svn/scripts/ftp-brute.nse
User Summary
Tries to get FTP login credentials by guessing usernames and passwords.
This uses the standard unpwdb username/password list. However, in tests FTP servers are significantly slower than other servers when responding, so the number of usernames/passwords can be artificially limited using script arguments.
Script Arguments
limit
Set userlimlt and passlimit at the same time.
passlimit
The number of passwords to try (default: unlimited).
userlimit
The number of user accounts to try (default: unlimited).
passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb
See the documentation for the unpwdb library.Example Usage
nmap -sV --script=ftp-brute <target>
Script Output
PORT STATE SERVICE REASON 21/tcp open ftp syn-ack | ftp-brute: | | anonymous: IEUser@ |_ |_ test: password
Requires
Author: Diman Todorov, Vlatko Kosturjak, Ron Bowes
License: Same as Nmap--See http://nmap.org/book/man-legal.html