Awesome
Mass Bruter
Mass bruteforce network protocols
Info
Simple POC to quickly mass bruteforce common services in a large scale of network.
It will check for default credentials on ftp, ssh, mysql, mssql...etc.
This was made for authorized penetration testing purpose only.
How it works
- Use
masscan
(faster than nmap) to find alive hosts with common ports from network segment. - Parse ips and ports from
masscan
result. - Craft and run
hydra
commands to automatically bruteforce supported network services on devices.
Requirements
Kali linux
or any preferred linux distributionPython 3.10+
# Install required tools for the script
apt update && apt install seclists masscan hydra
# Clone the repo
git clone https://github.com/opabravo/mass-bruter
cd mass-bruter
How To Use
1. Scan for hosts and ports with masscan
For example, target a network segment:
Private ip range :
10.0.0.0/8
,192.168.0.0/16
,172.16.0.0/12
Scan devices and ports from 172.16.0.0/12
, then save output to ./result/masscan/masscan_<any_name>.<any_ext>
masscan -p 3306,1433,21,22,23,445,3389,5900,6379,27017,5432,5984,11211,9200,1521 172.16.0.0/12 | tee ./result/masscan/masscan_test.txt
PS : To resume a previous scan:
masscan --resume paused.conf | tee -a ./result/masscan/masscan_test.txt
2. Run the script
Load masscan result then start bruteforcing:
python3 mass_bruteforce.py -q -f ~/masscan_script.txt
Fetch cracked credentials:
python3 mass_bruteforce.py -s
Command Options
┌──(root㉿root)-[~/mass-bruter]
└─# python3 mass_bruteforce.py
Usage: [OPTIONS]
Mass Bruteforce Script
Options:
-q, --quick Quick mode (Only brute telnet, ssh, ftp , mysql,
mssql, postgres, oracle)
-a, --all Brute all services(Very Slow)
-s, --show Show result with successful login
-f, --file-path PATH The directory or file that contains masscan result
[default: ./result/masscan/]
--help Show this message and exit.
Todo
- Migrate with
dpl4hydra
- Optimize the code and functions
- MultiProcessing
Any contributions are welcomed!