legba v0.6 releases: multiprotocol credentials bruteforcer / password sprayer and enumerator
Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime in order to achieve better performances and stability while consuming fewer resources than similar tools.
The tool requires a plugin name, a –target argument specifying the ip, hostname, and (optionally) the port of the target (optional whenever it matches the default port for the given protocol), and, depending on the selected plugin, a pair of –username and –password arguments or a single –data argument (like in the case of the dns.enum plugin which requires a single enumeration element).
The –username/–data and –password/–key arguments all support the same logic depending on the value passed to them:
- If the value provided is an existing file name, it’ll be loaded as a wordlist.
- If the value provided is in the form of @/some/path/*.txt it’ll be used as a glob expression to iterate matching files.
- If the value provided is in the form of #<NUMBER>-<NUMBER>:<OPTIONAL CHARSET>, it’ll be used to generate all possible permutations of the given charset (or the default one if not provided) and of the given length. For instance: #1-3 will generate all permutations from 1 to 3 characters using the default ASCII printable charset, while #4-5:0123456789 will generate all permutations of digits of 4 and 5 characters.
- Anything else will be considered as a constant string.
- legba <plugin name> –username admin –password data/passwords.txt will always use admin as username while loading the passwords from a wordlist.
- legba <plugin name> –username data/users.txt –password data/passwords.txt will load both from wordlists and use all combinations.
- legba <plugin name> –username admin will always use admin as username and attempt all permutations of the default printable ASCII charset between 4 and 8 characters (this is the default behaviour when a value is not passed).
- legba <plugin name> –username data/users.txt –password ‘@/some/path/*.key’ will load users from a wordlist while testing all key files inside /some/path.
- legba <plugin name> –username data/users.txt –password ‘#4-5:abcdef’ will load users from a wordlist while testing all permutations of the charaters abcdef 4 and 5 characters long.
- c5f6c71 new: added http.vhost virtual host enumeration
- 26539c9 new: implemented csv output format
- 3c9ad4f new: updated astbc-ssh2-tokio dependency to 0.8.2
- 778c2a9 misc: small fix or general refactoring i did not bother commenting
- a1bb54f new: increased default timeout and decreased default retries to address cases like #20
- 6438347 fix: using shared state to signal other plugin workers about unreachable endpoints
- 8473773 misc: small fix or general refactoring i did not bother commenting
Copyright (C) 2023 evilsocket