Script metasploit-msgrpc-brute

Script types: portrule
Categories: intrusive, brute
Download: https://svn.nmap.org/nmap/scripts/metasploit-msgrpc-brute.nse

Script Summary

Performs brute force username and password auditing against Metasploit msgrpc interface.

Script Arguments

creds.[service], creds.global

See the documentation for the creds library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass

See the documentation for the brute library.

slaxml.debug

See the documentation for the slaxml library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

Example Usage

nmap --script metasploit-msgrpc-brute -p 55553 <host>

This script uses brute library to perform password
guessing against Metasploit's msgrpc interface.

Script Output

PORT      STATE SERVICE REASON
55553/tcp open  unknown syn-ack
| metasploit-msgrpc-brute:
|   Accounts
|     root:root - Valid credentials
|   Statistics
|_    Performed 10 guesses in 10 seconds, average tps: 1

Requires

• brute
• shortport
• stdnse
• string
• http
• creds

---

Author:

• Aleksandar Nikolic

License: Same as Nmap--See https://nmap.org/book/man-legal.html