brutespray v1.8.1 released: Brute-Forcing from Nmap output
BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. It can even find non-standard ports by using the -sV inside Nmap.
Supported Services
- ssh
- ftp
- telnet
- vnc
- mssql
- mysql
- postgresql
- rsh
- imap
- nntp
- pcanywhere
- pop3
- rexec
- rlogin
- smbnt
- smtp
- svn
- vmauthd
Changelog v1.8.1
- minor spelling fix
- requirements update
- dependency clean
- banner changes
Installation
Usage
First, do a nmap scan with -oG nmap.gnmap or -oX nmap.xml.
Command: python brutespray.py -h
Examples
Using Custom Wordlists:
python brutespray.py –file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt –threads 5 –hosts 5
Brute-Forcing Specific Services: –file nmap.gnmap –service ftp,ssh,telnet –threads 5 –hosts 5
Specific Credentials: –file nmap.gnmap -u admin -p password –threads 5 –hosts 5
Continue After Success:–file nmap.gnmap –threads 5 –hosts 5 -c
Use Nmap XML Output: –file nmap.xml –threads 5 –hosts 5
Interactive Mode: –file nmap.xml -i
Demo
Copyright (c) [2017] [Shane Young]
Source: https://github.com/x90skysn3k/