Tools

brutespray – Brute-Forcing from Nmap output – Automatically attempts default creds on found services

brutespray

brutespray –  Brute-Forcing from Nmap output – Automatically attempts default creds on found services

 

Created by: Shane Young/@x90skysn3k &;& Jacob Robles/@shellfail>

Description

BruteSpray takes nmap GNMAP output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

Usage

First do an nmap scan with ‘-oA nmap.gnmap’.

Command: python brutespray.py -h

Example: python brutespray.py –file nmap.gnmap –services all –threads 3 –hosts 5

Version

v1.0

Supported Services

  • ssh
  • ftp
  • telnet
  • vnc
  • mssql
  • mysql
  • postgresql
  • rsh
  • imap
  • nntp
  • pcanywhere
  • pop3
  • rexec
  • rlogin
  • smbnt
  • smtp
  • snmp
  • svn
  • vmauthd

Notes

Feel free to update wordlists.

DOWNLOAD

You Might Also Like