Von: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] Im
Auftrag von George A. Theall
Gesendet: Montag, 12. Dezember 2005 12:59
An: nessus@list.nessus.org
Betreff: Re: Nessus-configuration for the use of hydra
On Mon, Dec 12, 2005 at 11:54:49AM +0100, M.Heilmann@hzd.hessen.de wrote:
In nessusd.messages I get for all hydra_xxx.nasl the same message:
Not
launching hydra_xxx.nasl ....because the key Secret/hydra/logins_file
is missing
But there are entries for the Logins and Password files in the
Linux-GUI-Client under Prefs./Hydra (NASL wrappers options).
George A. Theall wrote:
Do those entries point to valid files on the nessusd host?
George
Yes, the entries point to valid files. The files have one entry per line. The
PATH to hydra is right, too.
At first I tried it only with the plugin-group "Brute force attacks". I looked
for the dependencies of the plugin 15872 (named "Hydra: FTP") and enabled all
necessary plugins. But I never saw any result-message in the nessus-output.
Then I tried it again and enabled all plugins. With this configuration I didn't
get the message "launching hydra_xxx.nasl ....because the key
Secret/hydra/logins_file", but I didn't get any spezific hydra-messages,too.
But I know about two ftp-accounts where username and password are identical.
The script of hydra_ftp.nasl (plugin 15872) show me, that I should get a
message like: Hydra was able to break the following FTP accounts: .....
When I start hydra from the commandline without nessus, hydra show me the two
missed ftp-accounts.
For information: I use the OS Linux 9.3, Nessus 2.2.6 and hydra 5.0.
Michael Heilmann
Hessische Zentrale für Datenverarbeitung
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
