Brute Forcing

On June 13th, 2012, posted in: Instructional

At some stage or another we have all used Hydra or Medusa to brute force SSH or another protocol. One of the great things about security is there is always another way to do something. Therefore in this entry I would like to introduce you to some alternatives to Hydra and Medusa.

Ncrack http://nmap.org/ncrack/
is a high-speed network authentication cracking tool, built by the same people behind that wonderful network tool Nmap.

Currently it supports the following protocols:
* RDP
* SSH
* http(s)
* SMB
* pop3(s)
* VNC
* FTP
* telnet

Patator https://code.google.com/p/patator/
is a multi-purpose brute-forcer, with a modular design and flexible usage.

Currently it supports the following modules:
* ftp_login : Brute-force FTP
* ssh_login : Brute-force SSH
* telnet_login : Brute-force Telnet
* smtp_login : Brute-force SMTP
* smtp_vrfy : Enumerate valid users using the SMTP VRFY command
* smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
* http_fuzz : Brute-force HTTP/HTTPS
* pop_passd : Brute-force poppassd (not POP3)
* ldap_login : Brute-force LDAP
* smb_login : Brute-force SMB
* mssql_login : Brute-force MSSQL
* oracle_login : Brute-force Oracle
* mysql_login : Brute-force MySQL
* pgsql_login : Brute-force PostgreSQL
* vnc_login : Brute-force VNC
* dns_forward : Forward lookup subdomains
* dns_reverse : Reverse lookup subnets
* snmp_login : Brute-force SNMPv1/2 and SNMPv3
* unzip_pass : Brute-force the password of encrypted ZIP files
* keystore_pass : Brute-force the password of Java keystore files

SSHtrix http://www.nullsecurity.net/cracker.html
is a very fast multithreaded SSH login cracker. It only does SSH, but it is extremely good at it.

The Hydra website has a comparison between Hydra, Medusa and Ncrack, but I can only think that Ncrack will grow over the years to be the main tool for brute forcing any protocol.

http://www.thc.org/thc-hydra/network_password_cracker_comparison.html

Jamie
