You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Determine if the auth method being attempted is supported, to avoid doing work when it won't succeed.
Attempt to get a list of supported auth methods and choose one automatically. Sending AUTH with no options sometimes works for this, as well as finding supported extensions with CAPA. Maybe extend pop3-capabilities to do this also?
Support NTLM authentication (see pop3-ntlm-info and smb-brute)
Use extended error codes (RFC 2449 and RFC 3206) to identify when an -ERR might actually mean a successful authentication (e.g. IN-USE), a need to slow down (e.g. LOGIN-DELAY, see ftp-brute), or a need to retry (e.g. SYS/TEMP), among others.
The text was updated successfully, but these errors were encountered:
pop3-brute.nse is a very old script, and it's in need of some upgrades.
STLS
is required before authenticating and perform it. See https://seclists.org/nmap-dev/2010/q2/156AUTH
with no options sometimes works for this, as well as finding supported extensions withCAPA
. Maybe extendpop3-capabilities
to do this also?pop3-ntlm-info
andsmb-brute
)-ERR
might actually mean a successful authentication (e.g.IN-USE
), a need to slow down (e.g.LOGIN-DELAY
, seeftp-brute
), or a need to retry (e.g.SYS/TEMP
), among others.The text was updated successfully, but these errors were encountered: