9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Performs brute force password auditing against IBM Informix Dynamic Server.
See the documentation for the unpwdb library.
See the documentation for the creds library.
See the documentation for the brute library.
See the documentation for the informix library.
nmap --script informix-brute -p 9088 <host>
PORT STATE SERVICE
9088/tcp open unknown
| informix-brute:
| Accounts
| ifxnoob:ifxnoob => Valid credentials
| Statistics
|_ Perfomed 25024 guesses in 75 seconds, average tps: 320
Summary
-------
x The Driver class contains the driver implementation used by the brute
library
local brute = require "brute"
local creds = require "creds"
local informix = require "informix"
local nmap = require "nmap"
local shortport = require "shortport"
local table = require "table"
description = [[
Performs brute force password auditing against IBM Informix Dynamic Server.
]]
---
-- @usage
-- nmap --script informix-brute -p 9088 <host>
--
-- @output
-- PORT STATE SERVICE
-- 9088/tcp open unknown
-- | informix-brute:
-- | Accounts
-- | ifxnoob:ifxnoob => Valid credentials
-- | Statistics
-- |_ Perfomed 25024 guesses in 75 seconds, average tps: 320
--
-- Summary
-- -------
-- x The Driver class contains the driver implementation used by the brute
-- library
--
--
-- Version 0.1
-- Created 07/23/2010 - v0.1 - created by Patrik Karlsson <[email protected]>
--
author = "Patrik Karlsson"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"intrusive", "brute"}
portrule = shortport.port_or_service( { 1526, 9088, 9090, 9092 }, "informix", "tcp", "open")
Driver =
{
new = function(self, host, port)
local o = {}
setmetatable(o, self)
self.__index = self
o.host = host
o.port = port
return o
end,
--- Connects performs protocol negotiation
--
-- @return true on success, false on failure
connect = function( self )
local status, data
self.helper = informix.Helper:new( self.host, self.port, "on_nmap_dummy" )
status, data = self.helper:Connect(brute.new_socket())
if ( not(status) ) then
return status, data
end
return true
end,
--- Attempts to login to the Informix server
--
-- @param username string containing the login username
-- @param password string containing the login password
-- @return status, true on success, false on failure
-- @return brute.Error object on failure
-- creds.Account object on success
login = function( self, username, password )
local status, data = self.helper:Login( username, password, {} )
if ( status ) then
if ( not(nmap.registry['informix-brute']) ) then
nmap.registry['informix-brute'] = {}
end
table.insert( nmap.registry['informix-brute'], { ["username"] = username, ["password"] = password } )
return true, creds.Account:new(username, password, creds.State.VALID)
-- Check for account locked message
elseif ( data:match("INFORMIXSERVER does not match either DBSERVERNAME or DBSERVERALIASES") ) then
return true, creds.Account:new(username, password, creds.State.VALID)
end
return false, brute.Error:new( data )
end,
--- Disconnects and terminates the Informix communication
disconnect = function( self )
self.helper:Close()
end,
}
action = function(host, port)
local status, result
local engine = brute.Engine:new(Driver, host, port )
engine.options.script_name = SCRIPT_NAME
status, result = engine:start()
return result
end
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%