Cbrutekrag | Penetration Tests On SSH Servers Using Brute Force Or Dictionary Attacks. Written In C

image

license GitHub contributors Build Status Static Build Status Latest stable release

cbrutekrag

Penetration tests on SSH servers using dictionary attacks. Written in C.

brute krag means “brute force” in afrikáans

Disclaimer

This tool is for ethical testing purpose only.
cbrutekrag and its owners can’t be held responsible for misuse by users.
Users have to act as permitted by local law rules.

Requirements

cbrutekrag uses libssh - The SSH Library (http://www.libssh.org/)

Build

Requirements:

  • make
  • gcc compiler
  • libssh-dev

git clone --depth=1 https://github.com/matricali/cbrutekrag.git cd cbrutekrag make make install

Static build

Requirements:

  • cmake
  • gcc compiler
  • make
  • libssl-dev
  • libz-dev

git clone --depth=1 https://github.com/matricali/cbrutekrag.git cd cbrutekrag bash static-build.sh make install

Run

$ cbrutekrag -h _ _ _ | | | | | | ___ | |__ _ __ _ | | | | ___ __ __ _ __ _ / || ’ | '| | | | / _ \ |/ / '/ |/ _ | | ( | |) | | | || | || __/ <| | | (| | (| | ___||./|| _,|__||__| _,|_, | OpenSSH Brute force tool 0.5.0 / | (c) Copyright 2014-2022 Jorge Matricali |_/ usage: ./cbrutekrag [-h] [-v] [-aA] [-D] [-P] [-T TARGETS.lst] [-C combinations.lst] [-t THREADS] [-o OUTPUT.txt] [TARGETS…] -h This help -v Verbose mode -V Verbose mode (sshlib) -s Scan mode -D Dry run -P Progress bar -T Targets file -C Username and password file -t Max threads -o Output log file -a Accepts non OpenSSH servers -A Allow servers detected as honeypots.

Example usages

cbrutekrag -T targets.txt -C combinations.txt -o result.log cbrutekrag -s -t 8 -C combinations.txt -o result.log 192.168.1.0/24

Supported targets syntax

  • 192.168.0.1
  • 10.0.0.0/8
  • 192.168.100.0/24:2222
  • 127.0.0.1:2222

Combinations file format

root root
root password
root $BLANKPASS$

GitHub:

2 Likes