Jump to content
Fi8sVrs

brutespray - Brute-Forcing from Nmap output - Automatically attempts default creds on found services.

By Fi8sVrs, in Programe hacking

Recommended Posts

  • Active Members
Fi8sVrs Rookie

Fi8sVrs

Posted
  • Active Members
Posted

BruteSpray

Created by: Shane Young/@x90skysn3k && Jacob Robles/@shellfail

Inspired by: Leon Johnson/@sho-luv

Credit to Medusa: JoMo-Kun / Foofus Networks - http://www.foofus.net

Version - 1.6.0

 

Demo:

 

 

Description

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

 

687474703a2f2f692e696d6775722e636f6d2f6b

 

Installation 

pip install -r requirements.txt

 

On Kali 

apt-get install brutespray

 

Usage 

First do an nmap scan with -oG nmap.gnmap or -oX nmap.xml.

Command: python brutespray.py -h

Command: python brutespray.py --file nmap.gnmap

Command: python brutesrpay.py --file nmap.xml

Command: python brutespray.py --file nmap.xml -i

68747470733a2f2f692e696d6775722e636f6d2f

 

Examples

Using Custom Wordlists: 

python brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5


Brute-Forcing Specific Services: 

python brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5


Specific Credentials: 

python brutespray.py --file nmap.gnmap -u admin -p password --threads 5 --hosts 5


Continue After Success: 

python brutespray.py --file nmap.gnmap --threads 5 --hosts 5 -c


Use Nmap XML Output 

python brutespray.py --file nmap.xml --threads 5 --hosts 5


Interactive Mode 

python brutespray.py --file nmap.xml -i

68747470733a2f2f692e696d6775722e636f6d2f

 

Supported Services

  • ssh
  • ftp
  • telnet
  • vnc
  • mssql
  • mysql
  • postgresql
  • rsh
  • imap
  • nntp
  • pcanywhere
  • pop3
  • rexec
  • rlogin
  • smbnt
  • smtp
  • svn
  • vmauthd
  • snmp

 

Changelog

  • v1.6.0
    • added support for SNMP
  • v1.5.3
    • adjustments to wordlists
  • v1.5.2
    • change tmp and output directory behavior
  • v1.5.1
    • added check for no services
  • v1.5
    • added interactive mode
  • v1.4
    • added ability to use nmap XML
  • v1.3
    • added the ability to stop on success
    • added the ability to reference custom userlists and passlists
    • added the ability to specify specific users & passwords

 

Download: brutespray-master.zip 

git clone https://github.com/x90skysn3k/brutespray.git

 

Source: https://github.com/x90skysn3k/brutespray

 

 

  • Thanks 1
  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...