You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The rexec-brute.nse script reports username:password combinations as "valid credentials" even though the response from the server is "rexecd: Login incorrect".
After looking at the source of the script it looks like it reports every tried user:pass combination as valid as long as the server sends a response. (https://svn.nmap.org/nmap/scripts/rexec-brute.nse)
The text was updated successfully, but these errors were encountered:
Ran into this today. Modified the script to print the response and it looks like the server is sending "Authentication failed for user GUEST." which obviously isn't a successful execution.
The rexec-brute.nse script reports username:password combinations as "valid credentials" even though the response from the server is "rexecd: Login incorrect".
After looking at the source of the script it looks like it reports every tried user:pass combination as valid as long as the server sends a response. (https://svn.nmap.org/nmap/scripts/rexec-brute.nse)
The text was updated successfully, but these errors were encountered: