Crowbar (Levye) - Brute forcing tool for pentests

zxcvb

Administrator
Administrator
Регистрация
1 Янв 1970
Сообщения
2.539
Одобрения
2.511
#1
Брут поддерживает такие протоколы как
  • OpenVPN
  • SSH private key authentication
  • VNC key authentication
  • Remote Desktop Protocol (RDP) with NLA support
для работы необходимы следующие пакеты
openvpn, freerdp-x11, vncviewer

Ставим:
Код:
apt-get install openvpn freerdp-x11 vncviewer
тянем сам брут:

Код:
git clone https://github.com/galkan/crowbar
описание команд:


Код:
-h: Shows help menu.

-b: Target service. Crowbar now supports vnckey, openvpn, sshkey, rdp.

-s: Target ip address.

-S: File name which is stores target ip address.

-u: Username.

-U: File name which stores username list.

-n: Thread count.

-l: File name which stores log. Default file name is crwobar.log which is located in your current directory

-o: Output file name which stores the successfully attempt.

-c: Password.

-C: File name which stores passwords list.

-t: Timeout value.

-p: Port number

-k: Key file full path.

-m: Openvpn configuration file path

-d: Run nmap in order to discover whether the target port is open or not. So that you can easily brute to target using crowbar.

-v: Verbose mode which is shows all the attempts including fail.
Больше инфы можно узнать из хелпа:

Код:
crowbar --help

пример запуска брута "дедиков"

Код:
crowbar.py -b rdp -s 192.168.2.182/32 -u admin -c Aa123456
Остальные команды можете посмотреть на github
всем чмоке