403Webshell
Server IP : 101.53.144.229  /  Your IP : 216.73.216.181
Web Server : Apache
System : Linux host.gdigitalindia.in 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : digitalshiksha ( 1179)
PHP Version : 5.6.40
Disable Function : eval,show_source,system,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,show_source,curl_multi_exechellcmd, ini_restore,apache_get_modules,get_cfg_var,passthru, exec ,proc_get_status,fpassthru,c999_buff_prepare,c999_sess_put,c99_buff_prepare,c99_sess_put,proc_close,ini_alter,dl,symlink,link,proc_close,ini_alter,dl,symlink,link,mail
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /usr/share/nmap/scripts/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /usr/share/nmap/scripts/iscsi-brute.nse
local brute = require "brute"
local creds = require "creds"
local iscsi = require "iscsi"
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Performs brute force password auditing against iSCSI targets.
]]

---
-- @output
-- PORT     STATE SERVICE
-- 3260/tcp open  iscsi   syn-ack
-- | iscsi-brute: 
-- |   Accounts
-- |     user:password123456 => Valid credentials
-- |   Statistics
-- |_    Perfomed 5000 guesses in 7 seconds, average tps: 714

-- Version 0.1
-- Created 2010/11/18 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
-- Revised 2010/11/27 - v0.2 - detect if no password is needed <patrik@cqure.net>


author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"intrusive", "brute"}

portrule = shortport.portnumber(3260, "tcp", {"open", "open|filtered"})

Driver = {
	
	new = function(self, host, port)
		local o = {}
       	setmetatable(o, self)
        self.__index = self
		o.host = host
		o.port = port
		o.target = stdnse.get_script_args('iscsi-brute.target')
		return o
	end,
	
	connect = function( self )
		self.helper = iscsi.Helper:new( self.host, self.port )
		return self.helper:connect()
	end,
	
	login = function( self, username, password )
		local status = self.helper:login( self.target, username, password, "CHAP")
		
		if ( status ) then
			return true, brute.Account:new(username, password, creds.State.VALID)
		end
		
		return false, brute.Error:new( "Incorrect password" )
	end,
	
	disconnect = function( self )
		self.helper:close()
	end,
}


action = function( host, port )

	local target = stdnse.get_script_args('iscsi-brute.target')
	if ( not(target) ) then
		return "ERROR: No target specified (see iscsi-brute.target)"
	end
	
	local helper = iscsi.Helper:new( host, port )
	local status, err = helper:connect()
	if ( not(status) ) then return false, "Failed to connect" end

	local response
	status, response = helper:login( target )
	helper:logout()
	helper:close()

	if ( status ) then return "No authentication required" end

	local accounts

	local engine = brute.Engine:new(Driver, host, port)
	engine.options.script_name = SCRIPT_NAME
	status, accounts = engine:start()

	if ( status ) then return accounts end
end

Youez - 2016 - github.com/yon3zu
LinuXploit