Nmap Development mailing list archives

By Date By Thread Ncrack revived From: Fotis Hantzis <ithilgore.ryu.l () gmail com>

Date: Wed, 4 Nov 2015 10:10:51 +0200

Hello nmap-dev, it's been a while since I last updated Ncrack but I have been actively working on it for quite some time now. I already updated the SSH module by porting the latest openssh code (7.1) to the internal Ncrack ssh library (currently only on svn). Now it is working against all latest ssh servers. The analysis of how this was originally accomplished back when I originally built the first version of the Ncrack SSH module is here for anyone interested: http://sock-raw.org/papers/openssh_library I am aware that currently many people are using NSE for some of your brute-forcing tasks, but Ncrack still remains a highly specialized tool for this purpose, with a lot of useful features. Some of its main advantages are: * Intelligent core networking engine: Ncrack knows when to back off to avoid DoS-ing a service and when to increase its network connections by constantly trying to find a golden ration between efficiency (speed) and reliability. For example other competitors led to the shutdown of the FTP service while Ncrack managed to maintain a balance and find the credentials correctly: https://hackertarget.com/brute-forcing-passwords-with-ncrack-hydra-and-medusa/ * Service recognition through Nmap: Ncrack can automatically get input from the normal (-oN) or XML (-oX) Nmap output, recognize which ports are open and brute-force the equivalent services that its modules support. * Fine-grained timing control: Ncrack provides a variety of timing options with which you can optimize your brute-force scans. Alongside the generic timing templates (T0 - T5), you can specify the upper and lower limit of network connections per service, the total number of connections, the authentication tries per connection, the delay between each connection initiation and others which give the penetration tester total control of a brute-force attack allowing him to be flexible both in terms of stealth and performance. Other features include: * Stop current session and restore it later. * Built-in lists of most frequently used usernames and passwords. * Various modes of username/password list iteration (username first, password first, pairwise) It would be great if nmap-dev voiced their opinion on which new features they would like to see in Ncrack: - Which new protocols should Ncrack support? (prioritization list) - What new features would be most helpful for the pentester? - Any other ideas for improvement For anyone that would like to help improve Ncrack by building more protocol modules, I have written an extensive guide on how this can easily be accomplished: https://nmap.org/ncrack/devguide.html Cheers, Ithilgore (Fotis Hantzis) -- http://sock-raw.org _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/ By Date By Thread Current thread: Ncrack revived Fotis Hantzis (Nov 04) Re: Ncrack revived Jacek Wielemborek (Nov 04) Re: Ncrack revived Daniel Miller (Nov 04) Re: Ncrack revived Fotis Hantzis (Nov 04) Re: Ncrack revived Jacek Wielemborek (Nov 05)

Fotis Hantzis (Nov 04)