NiX Brute Forcer

[d4rkm4nx99]

NiX Brute Forcer is a tool that uses brute force in parallel to log into a system without having authentication credentials beforehand. This tool is intended to demonstrate the importance of choosing strong passwords.

The goal of NiX is to support a variety of services that allow remote authentication such as: MySQL, SSH, FTP, IMAP. It is based on NiX Proxy Checker.

If anyone is interested in beta testing new releases before the public release, please sent me an email.

CURRENT FEATURES:

- Basic Authorization & FORM support in both standard and HTTPS (SSL) mode

- HTTP/SOCKS 4 and 5 proxy support

- FORM auto-detection & Manual FORM input configuration.

- It is multi-threaded

- Wordlist shuffling via macros

- Auto-removal of dead or unreliable proxy and when site protection mechanism blocks the proxy

- Integrated proxy randomization to defeat certain protection mechanisms

- With Success and Failure Keys results are 99% accurate

- Advanced coding and timeout settings makes it outperform any other brute forcer

TODO:

MySQL, SSH, FTP and IMAP support.

Download http://myproxylists.com/NIX_BruteForce.bz2

sursa http://myproxylists.com/nix-brute-force

How to use? Type ./brute for options

For best reliability, update either to the latest PHP 5.2.x or 5.3.x. CLI

NIX_BruteForce.bz2 Directory structure:

NIX

|

|_32 32bit version of NiX

|_64 64bit version of NiX

|_loaders SourceGuardian 8.2 loaders (Both 32 and 64bit versions are included)

Requirements:

A) Linux box or a VPS

PHP CLI version between 5.2.x - 5.3.x

C) SourceGuardian 8.2 loader: Provided in "loaders" directory

D) If you are using PHP source compile (encouraged to use). The minimum ./configure options are:

--with-curl --enable-sockets --enable-pcntl --with-openssl

E)

Required php.ini settings:

short_open_tag = On

allow_call_time_pass_reference = On

safe_mode = Off

register_globals = Off

register_argc_argv = On

enable_dl = On

SourceGuardian 8.2 loader (extension) must be in extension_dir defined in php.ini

For PHP 5.2.x : extension=ixed.5.2.lin

For PHP 5.3.x : extension=ixed.5.3.lin

If you are using 32bit operating system, you need to copy the loader from "32" directory

If you are using 64bit operating system, you need to copy the loader from "64" directory

        #           ----------------------------------------------------------------           #
        #                           NiX - Brute Forcer Configuration                           #
        #           ----------------------------------------------------------------           #

# If you define a success key, it has to be entered exactly as it is
# given in the member area. Leave it empty if you do not have one. This
# setting applies to both BASIC and FORM mode! If you have a success
# key, you will not need failure keys.

Success_Key=''

# If a success key is left empty, edit this regular expression to narrow
# down fake results. This setting applies to both BASIC/FORM mode.

Failure_Key=''

# A success or failure key can be GNU grep style pattern. Here's an example:

# Failure_Key='invalid username|denied'

# NOTE: In BASIC AUTH MODE, if you don't have success or failure key, leave empty!

# If auto detect of the FORM mode failed, make sure to define a valid
# POST DATA. Leave it empty if you want to use auto-detection. This
# setting is only for advanced users.

# When you manually set the POST data, be sure to define the first FORM
# target separated by a double colon [::]. After the two colons, add the
# NIXUSER and NIXPASS variables like shown in the example below. NiX
# will replace the constants NIXUSER and NIXPASS with the appropriate
# values.

Form_Data=''

# Result below is from FORM AUTO-DETECT:

# FORM_TARGET: http://www.forum.com/forum/login.php?do=login
# FORM_DATA: vb_login_username=NIXUSER&vb_login_password=NIXPASS&submit=Log+in&do=login&vb_login_md5password=&vb_login_md5password_utf=
# Cookie: bblastvisit=1299009176; bblastactivity=0;

# FORM manual input example (Use Firefox's Live HTTP headers plugin for this data if auto detect of the FORM mode failed)

# Form_Data='http://www.forum.com/forum/login.php?do=login::vb_login_username=NIXUSER&vb_login_password=NIXPASS&submit=Log+in&do=login&vb_login_md5password=&vb_login_md5password_utf=::bblastvisit=1299009176; bblastactivity=0;'

# MACRO: [User][Upper] Uppercase all letters in a username
# MACRO: [User][Lower] Lowercase all letters in a username
# MACRO: [User][Capital] Convert the first letter to uppercase in a username
# MACRO: [User][capitaL] Convert the last letter to uppercase in a username
# MACRO: [User][CapitaL] Convert the first and the last letter to uppercase in a username
# MACRO: [User][invert] Invert all letters in a username

# MACRO: [Pass][Upper] Uppercase all letters in a password
# MACRO: [Pass][Lower] Lowercase all letters in a password
# MACRO: [Pass][Capital] Convert the first letter to uppercase in a password
# MACRO: [Pass][capitaL] Convert the last letter to uppercase in a password
# MACRO: [Pass][CapitaL] Convert the first and the last letter to uppercase in a password
# MACRO: [Pass][invert] Invert all letters in a password

# You can combine both macros. Example: [User][Upper][Pass][Capital]
# This will uppercase all letters in a username and convert the first letter to uppercase in a password!
# Leave empty to use original wordlist.

MACRO=""

# Example: MACRO="[User][Capital][Pass][Capital]"

# The number of allowed timeouts before a proxy is removed from the list

Timeouts="3"

# The number of allowed read/write errors before a proxy is removed from the list

RTimeouts="3"

# Debug mode - Set to "no" to disable

Debug="no"

# Set this to "yes" to make the Debug Mode detect possible logic errors
# (See $PWD/debug directory for *.NIX files)

Debug_Check="yes"

# This option will allow NiX to automatically check for updates upon
# starting. Set this to "no" to disable

Auto_Check_Update="yes"

Edited July 4, 2013 by d4rkm4nx99