Home page logo
/
Zenmap screenshot
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
Example Nmap output

File tso-brute

Script types: portrule
Categories: intrusive
Download: https://svn.nmap.org/nmap/scripts/tso-brute.nse

User Summary

TSO account brute forcer.

This script relies on the NSE TN3270 library which emulates a TN3270 screen for NMAP.

TSO user IDs have the following rules: - it cannot begin with a number - only contains alpha-numeric characters and @, #, $. - it cannot be longer than 7 chars

Script Arguments

tso-brute.commands

Commands in a semi-colon seperated list needed to access TSO. Defaults to TSO.

tso-brute.always_logon

TSO logon can kick a user off if it guesses the correct password. always_logon, when set to true, will logon, even if the user is logged in (kicking that user off). The default, false will skip that account.

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

creds.[service], creds.global

See the documentation for the creds library.

brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass

See the documentation for the brute library.

Example Usage

nmap -p 2401 --script tso-brute <host>

Script Output

23/tcp open  tn3270  syn-ack IBM Telnet TN3270
| tso-brute:
|   Node Name:
|     IBMUSER:<skipped> - User logged on. Skipped.
|     ZERO:<skipped> - User logged on. Skipped.
|     COOL:secret - Valid credentials
|_  Statistics: Performed 6 guesses in 6 seconds, average tps: 1
Final times for host: srtt: 96305 rttvar: 72303  to: 385517

Requires


Author:
Philip Young

License: Same as Nmap--See https://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]