Script omp2-brute

Script types: portrule
Categories: brute, intrusive
Download: https://svn.nmap.org/nmap/scripts/omp2-brute.nse

Script Summary

Performs brute force password auditing against the OpenVAS manager using OMPv2.

Script Arguments

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

creds.[service], creds.global

See the documentation for the creds library.

brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass

See the documentation for the brute library.

omp2.password, omp2.username

See the documentation for the omp2 library.

Example Usage

nmap -p 9390 --script omp2-brute <target>

Script Output

PORT     STATE SERVICE REASON
9390/tcp open  openvas syn-ack
| omp2-brute:
|   Accounts
|_    admin:secret => Valid credentials

Requires

• brute
• creds
• omp2
• shortport

---

Author:

• Henri Doreau

License: Same as Nmap--See https://nmap.org/book/man-legal.html