I was wondering if somebody was improving the default passwords test
plugins. Currently Nessus has a SNMP plugin test (which does not include
some common SNMP communities or undocumented ones, such as cable-docsis)
[1] and an 'accounts' plugin which includes a limited text file with
username/passwords [2] for telnet connections. The 'accounts' plugin can
use a user-provided file, whileas the SNMP tests cannot.
I was wondering if it would be worth improving the current code base
with some common passwords lists [0] (I carry these around in my PDA
just in case :) Also, I am not aware for a plugin for common
username/passwords for HTTP authentication, si there any? Since some
tools/appliances are starting to use HTTP/HTTPS frontends it might
probable be worth having one.
If nobody disagrees I will (try to) send patches for both plugins: 10328
and 10264. Since the Bug Tracker (http://www.nessus.com/bugs/nessus)
seems to not be available yet I will probably send the patches to the
list (and hopefully somebody with write access to the CVS will commit
them :)
Regards
Javi
[0] Some passwords lists are available at:
http://www.phenoelit.de/dpl/dpl.html
http://www.cirt.net/cgi-bin/passwd.pl
http://security.nerdnet.com/rawdump.php is no longer available(was quite
popular)
[1]
http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/snmp_default_communities.nasl
[2]
http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/plugins/accounts/accounts.txt
plugins. Currently Nessus has a SNMP plugin test (which does not include
some common SNMP communities or undocumented ones, such as cable-docsis)
[1] and an 'accounts' plugin which includes a limited text file with
username/passwords [2] for telnet connections. The 'accounts' plugin can
use a user-provided file, whileas the SNMP tests cannot.
I was wondering if it would be worth improving the current code base
with some common passwords lists [0] (I carry these around in my PDA
just in case :) Also, I am not aware for a plugin for common
username/passwords for HTTP authentication, si there any? Since some
tools/appliances are starting to use HTTP/HTTPS frontends it might
probable be worth having one.
If nobody disagrees I will (try to) send patches for both plugins: 10328
and 10264. Since the Bug Tracker (http://www.nessus.com/bugs/nessus)
seems to not be available yet I will probably send the patches to the
list (and hopefully somebody with write access to the CVS will commit
them :)
Regards
Javi
[0] Some passwords lists are available at:
http://www.phenoelit.de/dpl/dpl.html
http://www.cirt.net/cgi-bin/passwd.pl
http://security.nerdnet.com/rawdump.php is no longer available(was quite
popular)
[1]
http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/snmp_default_communities.nasl
[2]
http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/plugins/accounts/accounts.txt