Brute forcing HTTP authentication
Many home routers, IP webcams, and web applications still rely on HTTP authentication these days, and we, as system administrators or penetration testers, need to make sure that the system or user accounts are not using weak credentials. Now, thanks to the NSE script http-brute
, we can perform robust dictionary attacks against HTTP basic, digest, and NTLM authentication.
This recipe shows how to perform brute force password auditing against web servers that are using HTTP authentication.
How to do it...
Use the following Nmap command to perform brute force password auditing against a resource protected by HTTP's basic authentication:
$ nmap -p80 --script http-brute <target>
The results will return all the valid accounts that were found (if any):
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-brute: | Accounts | admin:secret => Valid credentials | Statistics |_ Perfomed 603 guesses in 7 seconds, average...