Jump to content
Fi8sVrs

brutespray - Brute-Forcing from Nmap output - Automatically attempts default creds on found services.

By Fi8sVrs, in Programe hacking

Recommended Posts

  • Active Members
Fi8sVrs Rookie

Fi8sVrs

Posted
  • Active Members
Posted

BruteSpray

Created by: Shane Young/@x90skysn3k && Jacob Robles/@shellfail

Inspired by: Leon Johnson/@sho-luv

Credit to Medusa: JoMo-Kun / Foofus Networks - http://www.foofus.net

Version - 1.6.0

 

Demo:

 

 

Description

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

 

687474703a2f2f692e696d6775722e636f6d2f6b

 

Installation 

pip install -r requirements.txt

 

On Kali 

apt-get install brutespray

 

Usage 

First do an nmap scan with -oG nmap.gnmap or -oX nmap.xml.

Command: python brutespray.py -h

Command: python brutespray.py --file nmap.gnmap

Command: python brutesrpay.py --file nmap.xml

Command: python brutespray.py --file nmap.xml -i

68747470733a2f2f692e696d6775722e636f6d2f

 

Examples

Using Custom Wordlists: 

python brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5


Brute-Forcing Specific Services: 

python brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5


Specific Credentials: 

python brutespray.py --file nmap.gnmap -u admin -p password --threads 5 --hosts 5


Continue After Success: 

python brutespray.py --file nmap.gnmap --threads 5 --hosts 5 -c


Use Nmap XML Output 

python brutespray.py --file nmap.xml --threads 5 --hosts 5


Interactive Mode 

python brutespray.py --file nmap.xml -i

68747470733a2f2f692e696d6775722e636f6d2f

 

Supported Services

  • ssh
  • ftp
  • telnet
  • vnc
  • mssql
  • mysql
  • postgresql
  • rsh
  • imap
  • nntp
  • pcanywhere
  • pop3
  • rexec
  • rlogin
  • smbnt
  • smtp
  • svn
  • vmauthd
  • snmp

 

Changelog

  • v1.6.0
    • added support for SNMP
  • v1.5.3
    • adjustments to wordlists
  • v1.5.2
    • change tmp and output directory behavior
  • v1.5.1
    • added check for no services
  • v1.5
    • added interactive mode
  • v1.4
    • added ability to use nmap XML
  • v1.3
    • added the ability to stop on success
    • added the ability to reference custom userlists and passlists
    • added the ability to specify specific users & passwords

 

Download: brutespray-master.zip 

git clone https://github.com/x90skysn3k/brutespray.git

 

Source: https://github.com/x90skysn3k/brutespray

 

 

  • Thanks 1
  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...