Home page logo
/
Zenmap screenshot
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
Example Nmap output

File nje-pass-brute

Script types: portrule
Categories: intrusive, brute
Download: https://svn.nmap.org/nmap/scripts/nje-pass-brute.nse

User Summary

z/OS JES Network Job Entry (NJE) 'I record' password brute forcer.

After successfully negotiating an OPEN connection request, NJE requires sending, what IBM calls, an 'I record'. This initialization record may sometimes require a password. This script, provided with a valid OHOST/RHOST for the NJE connection, brute forces the password.

Most systems only have one password, it is recommended to use the brute.firstonly script argument.

Script Arguments

nje-pass-brute.sleep

NJE only allows one connection from a valid OHOST. The sleep value ensures only one connection is valid at a time. The default is 1 second.

nje-pass-brute.rhost

The target NJE server RHOST value.

nje-pass-brute.ohost

The target NJE server OHOST value.

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

creds.[service], creds.global

See the documentation for the creds library.

brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass

See the documentation for the brute library.

Example Usage

nmap -sV --script=nje-pass-brute --script-args=ohost='POTATO',rhost='CACTUS' <target>
nmap --script=nje-pass-brute --script-args=ohost='POTATO',rhost='CACTUS',sleep=5 -p 175 <target>

Script Output

PORT    STATE SERVICE VERSION
175/tcp open  nje     IBM Network Job Entry (JES)
| nje-pass-brute:
|   NJE Password:
|     Password:A - Valid credentials
|_  Statistics: Performed 8 guesses in 12 seconds, average tps: 0

Requires


Author:

  • Soldier of Fortran

License: Same as Nmap--See https://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]