File nexpose-brute
Script types: portrule
Categories: intrusive, brute
Download: http://nmap.org/svn/scripts/nexpose-brute.nse
User Summary
Performs brute force password auditing against a Nexpose vulnerability scanner using the API 1.1. By default it only tries three guesses per username to avoid target account lockout.
Script Arguments
passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb
See the documentation for the unpwdb library.
http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent
See the documentation for the http library.
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.
Example Usage
nmap --script nexpose-brute -p 3780 <ip>
Script Output
PORT     STATE SERVICE     REASON  VERSION
3780/tcp open  ssl/nexpose syn-ack NeXpose NSC 0.6.4
| nexpose-brute:
|   Accounts
|     nxadmin:nxadmin - Valid credentials
|   Statistics
|_    Performed 5 guesses in 1 seconds, average tps: 5

As the Nexpose application enforces account lockout after 4 incorrect login attempts, the script performs only 3 guesses per username by default. This can be changed by setting the brute.guesses argument to a different value, or to 0 (zero) to try the whole dictionary. With a value of 4 or more, or 0, the audit can lock out the accounts being tested.
Requires
Author: Vlatko Kosturjak
License: Same as Nmap--See http://nmap.org/book/man-legal.html


