Coder Social home page Coder Social logo

dusheeno / cerbrutus Goto Github PK

View Code? Open in Web Editor NEW

This project forked from cerbrutus-bruteforcer/cerbrutus

0.0 0.0 0.0 261 KB

Network brute force tool, written in Python. Faster than other existing solutions (including the main leader in the network brute force market).

License: Apache License 2.0

Python 100.00%

cerbrutus's Introduction

Cerbrutus

Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services.

COMING SOON: SMB, HTTP(s) POST, HTTP(s) GET, HTTP BASIC AUTH Thanks to @0dayctf, Rondons, Enigma, and 001 for testing and contributing

Installation:

cd /opt
git clone https://github.com/Cerbrutus-BruteForcer/cerbrutus

Usage:

python3 /opt/cerbrutus/cerbrutus.py --help
usage: cerbrutus.py [-h] -U USERS -P PASSWORDS [-p PORT] [-t THREADS] [-q [QUIET [QUIET ...]]] Host Service

Python based network brute forcing tool!

positional arguments:
  Host                  The host to connect to - in IP or VHOST/Domain Name form
  Service               The service to brute force (currently implemented 'SSH')

optional arguments:
  -h, --help            show this help message and exit
  -U USERS, --users USERS
                        Either a single user, or the path to the file of users you wish to use
  -P PASSWORDS, --passwords PASSWORDS
                        Either a single password, or the path to the password list you wish to use
  -p PORT, --port PORT  The port you wish to target (only required if running on a non standard port)      
  -t THREADS, --threads THREADS
                        Number of threads to use
  -q [QUIET [QUIET ...]], --quiet [QUIET [QUIET ...]]
                        Do not print banner
/opt/cerbrutus/cerbrutus.py 10.10.10.10 SSH -U "username" -P /opt/wordlists/fasttrack.txt -t 10

        ================================================================
            __    ___  ____   ____   ____  __ __  ______  __ __  _____
           /  ]  /  _]|    \ |    \ |    \|  |  ||      ||  |  |/ ___/
          /  /  /  [_ |  D  )|  o  )|  D  )  |  ||      ||  |  (   \_
         /  /  |    _]|    / |     ||    /|  |  ||_|  |_||  |  |\__  |
        /   \_ |   [_ |    \ |  O  ||    \|  :  |  |  |  |  :  |/  \ |
        \     ||     ||  .  \|     ||  .  \     |  |  |  |     |\    |
         \____||_____||__|\_||_____||__|\_|\__,_|  |__|   \__,_| \___|

        Network Brute Force Tool
        https://github.com/Cerbrutus-BruteForcer/cerbrutus
        ================================================================
        
[*] - Initialising password list...
Read in 224 words from /opt/wordlists/fasttrack.txt
[+] - Running with 10 threads...
[*] - Starting attack against [email protected]
[*] - Trying: 65/224

Test Run:

# The password is in line number 12600 in rockyou

64 threads -> 1400 seconds ~ 7 minutes (hydra took 30 minutes)
1000 threads -> 464 seconds -> 27 requests per second
100 threads took 1000 seconds -> 12 requests per second 

# the password is in line 460 
100 threads took 32 seconds -> 14 requests per second
1000 threads took 16 seconds -> 28 requests per second
64 threads took 51 seconds -> 9 requests per second (hydra took the same time)

# word number 20k in rockyou
1100 threads took 637 seconds which means 31 rps
110 threads took 1457 seconds so that's 13.7 rps

Uses a custom implementation of paramiko to overcome a few minor issues with implementing it for ssh brute forcing. - https://github.com/paramiko/paramiko/

cerbrutus's People

Contributors

cerbrutus-bruteforcer avatar 0dayctf avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.