iT邦幫忙

第 11 屆 iT 邦幫忙鐵人賽

DAY 29
0

BruteSpay


BruteSpay 是一個暴力破解工具,使用 namp 產生出來的 xml 或 JSONS 來用 Medusa 進行暴力破解。

https://github.com/x90skysn3k/brutespray


  • 操作環境 Ubuntu 16
  • 安裝
git clone https://github.com/x90skysn3k/brutespray
cd brutespray
pip3 install -r requirements.txt
  • 操作指令
python3 brutespray.py -h

https://ithelp.ithome.com.tw/upload/images/20191013/20060971Zc7JHofge9.png

  • Option
usage: brutespray.py [-h] [-f FILE] [-o OUTPUT] [-s SERVICE] [-t THREADS]
                     [-T HOSTS] [-U USERLIST] [-P PASSLIST] [-u USERNAME]
                     [-p PASSWORD] [-c] [-i] [-m]

Usage: python brutespray.py <OPTIONS>

optional arguments:
  -h, --help            show this help message and exit

Menu Options:
  -f FILE, --file FILE  GNMAP, JSON or XML file to parse
  -o OUTPUT, --output OUTPUT
                        Directory containing successful attempts
  -s SERVICE, --service SERVICE
                        specify service to attack
  -t THREADS, --threads THREADS
                        number of medusa threads
  -T HOSTS, --hosts HOSTS
                        number of hosts to test concurrently
  -U USERLIST, --userlist USERLIST
                        reference a custom username file
  -P PASSLIST, --passlist PASSLIST
                        reference a custom password file
  -u USERNAME, --username USERNAME
                        specify a single username
  -p PASSWORD, --password PASSWORD
                        specify a single password
  -c, --continuous      keep brute-forcing after success
  -i, --interactive     interactive mode
  -m, --modules         dump a list of available modules to brute

上一篇
[Day 28]-Traxss
下一篇
[Day 30]-WeebDNS
系列文
利用開源資源執行安全檢測30

尚未有邦友留言

立即登入留言