Nmap drda-brute NSE Script
This page contains detailed information about how to use the drda-brute NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/drda-brute.nse
Script categories: intrusive, brute
Target service / protocol: drda, ibm-db2, tcp
Target network port(s): 50000, 60000
List of CVEs: -
Script Description
The drda-brute.nse script performs password guessing against databases supporting the IBM DB2 protocol such as Informix, DB2 and Derby
Drda-brute NSE Script Arguments
This is a full list of arguments supported by the drda-brute.nse script:
drda-brute.dbname
The database name against which to guess passwords (default "SAMPLE").
The amount of accounts to attempt to brute force in parallel (default 10).
passdbThe filename of an alternate password database. Default: nselib/data/passwords.lst
unpwdb.passlimit
The maximum number of passwords passwords will return (default unlimited).
The maximum amount of time that any iterator will run before stopping. The value is in seconds by default and you can follow it with ms, s, m, or h for milliseconds, seconds, minutes, or hours. For example, unpwdb.timelimit=30m or unpwdb.timelimit=.5h for 30 minutes. The default depends on the timing template level (see the module description). Use the value 0 to disable the time limit.
The maximum number of usernames usernames will return (default unlimited).
The filename of an alternate username database. Default: nselib/data/usernames.lst
- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:
nmap --script=drda-brute --script-args drda-brute.dbname=value,drda-brute.threads=value <target>Drda-brute NSE Script Example Usage
Here's an example of how to use the drda-brute.nse script:
nmap -p 50000 --script drda-brute <target>
Drda-brute NSE Script Example Output
Here's a sample output from the drda-brute.nse script:
50000/tcp open drda
| drda-brute:
|_ db2admin:db2admin => Valid credentials
Drda-brute NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.
Author
- Patrik Karlsson
References
- https://nmap.org/nsedoc/scripts/drda-brute.html
- https://github.com/nmap/nmap/tree/master/scripts/drda-brute.nse
See Also
Related NSE scripts to the drda-brute.nse script:
Visit Nmap NSE Library for more scripts.
The drda-brute.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Failed to load usernames
Here is a relevant code snippet related to the "Failed to load usernames" error message:
143: return ("The databases %s was not found. (Use --script-args drda-brute.dbname=<dbname> to specify database)"):format(database)
144: end
145:
146: status, usernames = unpwdb.usernames()
147: if ( not(status) ) then
148: return "Failed to load usernames"
149: end
150:
151: -- make sure we have a valid pw file
152: status, passwords = unpwdb.passwords()
153: if ( not(status) ) then
Failed to load passwords
Here is a relevant code snippet related to the "Failed to load passwords" error message:
149: end
150:
151: -- make sure we have a valid pw file
152: status, passwords = unpwdb.passwords()
153: if ( not(status) ) then
154: return "Failed to load passwords"
155: end
156:
157: creds = new_usrpwd_iterator( usernames, passwords )
158:
159: stdnse.debug1("Starting brute force with %d threads", max_threads )
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
