GET YOUR VULNERABILITY AND THREAT DATABASE SUBSCRIPTION
EKOLABS 2016


Network Security

Published on June 15th, 2017 | by MaxiSoler

0

BruteSpray v1.5 – Brute-Forcing Services with Medusa

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

Changelog v1.5

  • added interactive mode

Supported Services

  • ssh
  • ftp
  • telnet
  • vnc
  • mssql
  • mysql
  • postgresql
  • rsh
  • imap
  • nntp
  • pcanywhere
  • pop3
  • rexec
  • rlogin
  • smbnt
  • smtp
  • svn
  • vmauthd

 

Usage Examples:

Using Custom Wordlists:

python brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5

Brute-Forcing Specific Services:

python brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5

 

More information: here

Thanks to Shane Young for sharing this tool with us.

Tags: , , , ,


About the Author

ToolsWatcher :)
@maxisoler



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top ↑