The brute
library supports different modes that alter the combinations used in the attack. The available modes are:
user
: In this mode, for each user listed inuserdb
, every password inpassdb
will be tried, as follows:
$ nmap --script <brute force script> --script-args brute.mode=user <target>
pass
: In this mode, for each password listed inpassdb
, every user inuserdb
will be tried, as follows:
$ nmap --script <brute force script> --script-args brute.mode=pass <target>
creds
: This mode requires the additional argumentbrute.credfile
, as follows:
$ nmap--script <brute force script> --script-args brute.mode=creds,brute.credfile=./creds.txt <target>
To make sure that you only guess each password once, use the argument brute.unique
. By default, it is enabled, set it to false
to disable it:
$ nmap --script <brute force script> --script-args brute.unique=false <target>
To set the number of retries in case an attempt fails, use the argument...