Lines Matching refs:brute
1 local brute = require "brute"
9 Performs brute force password auditing against Joomla web CMS installations.
11 This script initially reads the session cookie and parses the security token to perfom the brute fo…
12 It uses the unpwdb and brute libraries to perform password guessing. Any successful guesses are sto…
23 -- nmap -sV --script http-joomla-brute
24 -- --script-args 'userdb=users.txt,passdb=passwds.txt,http-joomla-brute.hostname=domain.com,
25 -- http-joomla-brute.threads=3,brute.firstonly=true' <target>
26 -- nmap -sV --script http-joomla-brute <target>
31 -- | http-joomla-brute:
37 -- @args http-joomla-brute.uri Path to authentication script. Default: /administrator/index.php
38 -- @args http-joomla-brute.hostname Virtual Hostname Header
39 -- @args http-joomla-brute.uservar sets the http-variable name that holds the
41 -- @args http-joomla-brute.passvar sets the http-variable name that holds the
43 -- @args http-joomla-brute.threads sets the number of threads. Default: 3
47 -- * brute.firstonly = Boolean - Stop attack when the first credentials are found
48 -- * brute.mode = user/creds/pass - Username password iterator
53 -- @see http-form-brute.nse
57 categories = {"intrusive", "brute"}
71 --This class implements the Brute library (https://nmap.org/nsedoc/lib/brute.html)
78 o.host = stdnse.get_script_args('http-joomla-brute.hostname') or host
80 o.uri = stdnse.get_script_args('http-joomla-brute.uri') or DEFAULT_JOOMLA_LOGIN_URI
99 return false, brute.Error:new( "Incorrect password" )
111 stdnse.debug1("Initial check passed. Launching brute force attack")
137 local uservar = stdnse.get_script_args('http-joomla-brute.uservar') or DEFAULT_JOOMLA_USERVAR
138 local passvar = stdnse.get_script_args('http-joomla-brute.passvar') or DEFAULT_JOOMLA_PASSVAR
139 …local thread_num = tonumber(stdnse.get_script_args("http-joomla-brute.threads")) or DEFAULT_THREAD…
141 engine = brute.Engine:new( Driver, host, port, { uservar = uservar, passvar = passvar } )