Mailing List Archive: Nessus: users

HTTP Authentication

Index | Next | Previous | View Threaded

j.wiggins at shc

Nov 16, 2007, 7:04 AM

Post #1 of 2 (242 views)
Permalink

HTTP Authentication

Does any one know any examples of getting HTTP authentication working in
Nessus plugins? I need to write a script to check for default user
names/passwords.

Thanks,
John
_______________________________________________
Nessus mailing list
Nessus [at] list
http://mail.nessus.org/mailman/listinfo/nessus

theall at tenablesecurity

Nov 16, 2007, 4:53 PM

Post #2 of 2 (216 views)
Permalink

Re: HTTP Authentication [In reply to]

On 11/16/07 10:04, John Wiggins wrote:

> Does any one know any examples of getting HTTP authentication working in
> Nessus plugins? I need to write a script to check for default user
> names/passwords.

I'm not clear what you're seeking to do, but take a look at:

o Plugin #11149 (http_login.nasl)
Tries to log in via a page specified in the
plugin preferences and save the session cookie
in the KB.

o Plugin #15873 (hydra_http.nasl)
Tries to bruteforce HTTP passwords using Hydra.

o Plugin #20176 (mailwatch_authenticate_sql_injection.nasl)
This plugin offers an example of using Basic
Authentication a la RFC 2617.

George
--
theall [at] tenablesecurity
_______________________________________________
Nessus mailing list
Nessus [at] list
http://mail.nessus.org/mailman/listinfo/nessus

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads