ncrack
ncrack copied to clipboard
Request for more URL-friendly syntax
It would IMHO be nice to have a more URL-familiar syntax for password-cracking HTTP/HTTPS resources. So these examples (as is required now?):
ncrack -p80 10.0.0.1 -g path=Status_Router.asp
ncrack -p443 10.0.0.1 -g path=Status_Router.asp
could be issued as:
ncrack http://10.0.0.1/Status_Router.asp
ncrack https://10.0.0.1/Status_Router.asp
I.e. the default port could be 80 and 443 as usual.
(and maybe ncrack 10.0.0.1:80/Status_Router.asp
and ncrack 10.0.0.1:443/Status_Router.asp
too?).
This could be extended to default port for other schemes that has a IETF defined URL-scheme.
Part of this was discussed in this thread: http://seclists.org/nmap-dev/2009/q2/531 It could probably support the syntax you propose. Back then, we had decided that it was better not to replicate the URL-like syntax exactly.
Okay. I understand it would be a lot of work to rewrite (some of) the code for this.