Brute forcing HTTP authentication
Many home routers, IP webcams, and web applications still rely on HTTP authentication these days. As system administrators or penetration testers, we need to ensure that the system or user accounts are not using weak credentials. The http-brute
NSE script can perform robust dictionary attacks against HTTP basic, digest, and NTLM authentication.
This recipe shows how to perform brute-force password auditing against web servers that are using HTTP authentication.
How to do it...
Use the following Nmap command to perform brute-force password auditing against a resource protected by HTTP's basic authentication:
$ nmap -p80 --script http-brute <target>
The results will return all the valid accounts (if any):
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-brute: | Accounts | admin:secret => Valid credentials | ...