這是一個比較晦澀的話題,但任何幫助仍然讚賞。Nmap http-joomla-brute腳本示例?
我試圖運行在我的網站的登錄的Joomla蠻力測試。我試圖用NMAP的HTTP-的Joomla-蠻力,但由於某些原因,它不輸出處理,也不做它實際上做的蠻力與我把它的密碼列表。這裏是我的腳本:
nmap -sV --script http-joomla-brute --script-args 'passdb=/Users/abc/Documents/passwords.txt,http-joomla-brute.threads=5,brute.firstonly=true' my.website.here.
我認爲它只能運行初始測試(這實在是煩人BTW,有沒有人有辦法避免/跳過嗎?),默認的密碼列表中,因爲它表明類似「1495密碼測試」和我的密碼清單是496 MB,絕對超過1495密碼。我究竟做錯了什麼?
預先感謝您。
編輯:修正了腳本運行的一部分,但是現在它這樣做:
Starting Nmap 6.40-2 (http://nmap.org) at 2014-04-02 19:39 EDT
Stats: 0:02:21 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:03:41 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:46 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:50 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:51 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:51 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:52 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:52 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:52 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:07:18 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:15:55 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:16:03 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:17:50 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:22:06 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:22:22 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
我不認爲這是正常的。有沒有辦法來解決這個問題?
這可能是由於你的服務器只允許一定數量的請求到服務器的每** X **分鐘 – Lodder
量你在你的Joomla情況下更改密碼嘗試限制設置? – Elin
關於NSE定時,完成百分比是基於相對於總的已經完成NSE腳本和線程的數目。在腳本完成之前,它無法瞭解單個腳本的進度。如果你想大量的調試消息,去調試級別2('-d2'或按d的兩倍,而正在運行)。 – bonsaiviking