http - Nmap 卡住在 NSE 计时阶段

Question

我在终端中运行了这个脚本:

nmap -p 80 --script http-joomla-brute --script-args 'passdb=/Users/abc/Documents/passwords.txt,http-joomla-brute.threads=5,brute.firstonly=true, unpwdb.timelimit=0' my.website.here.

它显示:

Starting Nmap 6.40-2 ( http://nmap.org ) at 2014-04-02 19:39 EDT
Stats: 0:02:21 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:03:41 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:46 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:50 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:51 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:51 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:52 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:52 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:05:52 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:07:18 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:15:55 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:16:03 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:17:50 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:22:06 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done
Stats: 0:22:22 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 0.00% done

这样已经持续了一个多小时了。有什么问题吗？

感谢您提供的任何帮助。

Answer 1

Nmap 通过 simple calculation 计算 NSE 的完成时间百分比:

   progress("printStats", 1-(nr+nw)/total);

其中nr是正在运行的NSE线程数，nw是等待线程数，total是线程总数推出。在这种情况下，http-joomla-brute是一个单线程脚本，并且您只运行其中一个，因此它将显示“0.00％完成”，直到完全完成。

在 a previous question ，您询问并收到了有关如何绕过暴力破解尝试的默认 10 分钟限制的答案。如果没有这个限制，就很难判断脚本需要多长时间才能完成。您可以通过使用 -d2 选项将调试级别增加到 2 或在运行时按两次 d 来获取诊断输出。您也许能够观察正在尝试的特定用户名和密码，并据此推断脚本在您的列表中走了多远。