Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File http-proxy-brute

Script types: portrule
Categories: brute, intrusive, external
Download: http://nmap.org/svn/scripts/http-proxy-brute.nse

User Summary

Performs brute force password guessing against HTTP proxy servers.

Script Arguments

http-proxy-brute.url

sets an alternative URL to use when brute forcing (default: http://scanme.insecure.org)

http-proxy-brute.method

changes the HTTP method to use when performing brute force guessing (default: HEAD)

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script http-proxy-brute -p 8080 <host>

Script Output

PORT     STATE SERVICE
8080/tcp open  http-proxy
| http-proxy-brute:
|   Accounts
|     patrik:12345 - Valid credentials
|   Statistics
|_    Performed 6 guesses in 2 seconds, average tps: 3

Requires


Author: Patrik Karlsson

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault