realms.db for the nikto_realms Plug-in
The realms.db
file contains the entries to drive the
attacks that the nitko_realms
plug-in attempts
against a server’s Basic Auth
HTTP authorization.
The syntax is as follows:
[Realm], [Username], [Password],[Success Message] "@ANY","test","test","Generic account discovered." "ConfigToolPassword",,,"Realm matches a Nokia Checkpoint Firewall-1"
The plug-in checks to see if the realm is matched, and if so, it
attempts to authenticate using the
Username
and
Password
. On success the message is
displayed to the user. The entry @ANY
is a
wildcard that matches all realms.
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.