matricali / cbrutekrag Goto Github PK

Penetration tests on SSH servers using brute force or dictionary attacks. Written in C.

License: MIT License

Makefile 1.30% C 96.11% Shell 2.59%

ssh brute-force c command-line-tool ethical-hacking penetration-testing pentesting libssh multithreading dictionary-attack

cbrutekrag's Introduction

cbrutekrag's People

Contributors

Stargazers

Watchers

cbrutekrag's Issues

* buffer overflow detected *: terminated

Hi Jorge
I have a serious problem
cbrutekrag -P -T input.txt -C combinations.txt -t 100 -o log.txt

cbrutekrag -T input.txt -C combinations.txt -t 100 -o log.txt

Accept targets from STDIN

Implement worker capable of getting targets from STDIN while running, so it can be easily chained with other tools (like other network scanners)

Add option to output -s (Scan) results

Hi,
Please add an option to output filtered hosts from -s option.
Thanks

Build failing on Debian 7 and Debian 8 i386

On Debian Wheezy

W: Failed to fetch http://deb.debian.org/debian/dists/wheezy/main/binary-amd64/Packages  404  Not Found
W: Failed to fetch http://deb.debian.org/debian/dists/wheezy-updates/main/binary-amd64/Packages  404  Not Found
W: Failed to fetch http://security.debian.org/dists/wheezy/updates/main/binary-amd64/Packages  404  Not Found
W: Failed to fetch http://ftp.debian.org/debian/dists/wheezy-backports/main/source/Sources  404  Not Found
W: Failed to fetch http://ftp.debian.org/debian/dists/wheezy-backports/main/binary-amd64/Packages  404  Not Found
E: Some index files failed to download. They have been ignored, or old ones used instead.
make: *** [/build/cbrutekrag_0.4.6-1_amd64.changes] Error 100

On Debian Jessie arch=i386

W: There is no public key available for the following key IDs:
AA8E81B4331F7F50
W: Failed to fetch http://ftp.debian.org/debian/dists/jessie-backports/main/source/Sources  404  Not Found
W: Failed to fetch http://ftp.debian.org/debian/dists/jessie-backports/main/binary-i386/Packages  404  Not Found
E: Some index files failed to download. They have been ignored, or old ones used instead.
/pack//deb.mk:115: recipe for target '/build/cbrutekrag_0.4.6-1_i386.changes' failed
make: *** [/build/cbrutekrag_0.4.6-1_i386.changes] Error 100

Save only format ip|user|pass

Pls could you add option to save format ip|user|pass
using -o

and ty

Static Compile issue

Ubuntu 22.0, CentOS 8 similar error

~/cbrutekrag
rm -f obj/cbrutekrag.o obj/log.o obj/str.o obj/iprange.o obj/progressbar.o obj/bruteforce_ssh.o obj/detection.o obj/target.o obj/credentials.o
mkdir -p obj
Compiled src/cbrutekrag.c successfully!
Compiled src/log.c successfully!
Compiled src/str.c successfully!
Compiled src/iprange.c successfully!
Compiled src/progressbar.c successfully!
Compiled src/bruteforce_ssh.c successfully!
Compiled src/detection.c successfully!
Compiled src/target.c successfully!
Compiled src/credentials.c successfully!
/usr/bin/ld: obj/log.o:/root/cbrutekrag/src/log.c:30: multiple definition of `g_verbose'; obj/cbrutekrag.o:/root/cbrutekrag/src/cbrutekrag.c:46: first defined here
/usr/bin/ld: obj/detection.o: in function `detection_detect_ssh':
/root/cbrutekrag/src/detection.c:156: undefined reference to `FdSet'
collect2: error: ld returned 1 exit status
make: *** [Makefile.static:31: cbrutekrag] Error 1

Implement Command Execution - Output

Detect SonicWall SSH

I still got many duplicates output from honeypot would be great if cbrutekrag could skip the same cracked IP

const char *commandline = command;

It would be damn awesome if we can have -exec line in cbrutekrag

const char *commandline = command; (ex: -cmd -exec)

Implement Fake Process

Hello !
A Fake Process will be awesome.
This is an example of a fake process command line :

trcpy(argv[0],FAKE); // fake the proccess name.
while(fgets(buff,sizeof(buff),fp))
{
c=strchr(buff,'n');
if(c!=NULL) *c='.';
if (!(fork()))
{
where=0;
// printf("--> attacking %s",buff);
for (i=0; i<count; i=i+2){
// printf("--> Trying %s:%s %sn",a[i],a[i+1],buff);
checkauth(a[i],a[i+1],buff); // try to auth
}
exit(0);

this is taken from
https://github.com/MrMugiwara/against-cracker/blob/master/against.py
Of course, this is py, but i guess this can also be done in C.
Thank you, Brother !

Progress bar bug

When the terminal size is too low the progress bar gets stuck

Support for port on the targets list

Hello author!
This is a very good project. But I think he can improve it.
When infiltrating into the internal network, we often encounter many SSH protocols for non-standard ports.
When loading a target, I want to test the target in this format.
192.168.1.1#Default 22
192.168.1.2:2222
192.168.1.3:22022
This allows you to test different target ports simultaneously. If you do this, you don't need the -p parameter.
Looking forward to your reply

Implement dry run

Implement the ability of dry run

2 more options required

Thank you !

Support for use hostname as password

Is any chance to set a placeholder for password like for example #DOMAIN# and try the password as the domain ?

I mean let say I have abc.com , i want to put in combos.txt as password #DOMAIN# and to try as password abc.com . any chance? thanks!

Option to only scan good IPs and other option to export good IPs while running brute forcing to a new file (different with ouput file). Specs grabber

That way we can recheck those IPs again with different combo, and with specs grabber we can filter server by cpu/ram...

Port ranges

Improve the selection of ports, adding the possibility of specifying a list of ports or port ranges.

For example:
-p 22,2022,2200-2299

SIGSEGV when combinations file has empty lines

./cbrutekrag -sa -o LOCAL.log -t 1 10.9.1.160
           _                _       _
          | |              | |     | |
      ___ | |__  _ __ _   _| |_ ___| | ___ __ __ _  __ _
     / __|| '_ \| '__| | | | __/ _ \ |/ / '__/ _` |/ _` |
    | (__ | |_) | |  | |_| | ||  __/   <| | | (_| | (_| |
     \___||_.__/|_|   \__,_|\__\___|_|\_\_|  \__,_|\__, |
              OpenSSH Brute force tool 0.5.0        __/ |
          (c) Copyright 2014-2018 Jorge Matricali  |___/


Amount of username/password combinations: 7
Number of targets: 1
Total attemps: 7
Max threads: 1

[2020/01/22 14:51:59] Starting servers discoverage process...
[2020/01/22 14:51:59] [!] 10.9.1.160:22 - SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
[2020/01/22 14:51:59] Detection process took 0.123840 seconds.
[2020/01/22 14:51:59] Number of targets after filtering: 1.
[2020/01/22 14:51:59] Starting brute-force process...
[2020/01/22 14:52:07] Error: signal 11:

./cbrutekrag(err_handler+0x2b)[0x5639f850de5b]
/lib/x86_64-linux-gnu/libc.so.6(+0x3ef20)[0x7f818b551f20]
/lib/x86_64-linux-gnu/libc.so.6(+0xa9e8a)[0x7f818b5bce8a]
./cbrutekrag(main+0x411)[0x5639f850d881]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xe7)[0x7f818b534b97]
./cbrutekrag(_start+0x2a)[0x5639f850dd4a]

static build compile error...help

[root@localhost cbrutekrag]# ./static-build.sh
~/test/cbrutekrag/external/libssh-0.9.3/build ~/test/cbrutekrag
-- Could NOT find NaCl (missing: NACL_LIBRARIES NACL_INCLUDE_DIRS)
-- Threads_FOUND=TRUE
-- ********************************************
-- ********** libssh build options : **********
-- zlib support: ON
-- libgcrypt support: OFF
-- libmbedTLS support: OFF
-- libnacl support: OFF
-- SFTP support: ON
-- Server support : ON
-- GSSAPI support : ON
-- GEX support : ON
-- Pcap debugging support : ON
-- Build shared library: OFF
-- Unit testing: OFF
-- Client code testing: OFF
-- Blowfish cipher support: OFF
-- Server code testing: OFF
-- Public API documentation generation
-- Benchmarks: OFF
-- Symbol versioning: ON
-- Allow ABI break: OFF
-- Release is final:
-- Global client config: /etc/ssh/ssh_config
-- Global bind config: /etc/ssh/libssh_server_config
-- ********************************************
-- Configuring done
-- Generating done
-- Build files have been written to: /root/test/cbrutekrag/external/libssh-0.9.3/build
[ 1%] Searching for files
[ 1%] Built target dev_header_list_int
[ 1%] Built target dev_header_list
[ 2%] Extracting symbols from headers
[ 2%] Built target libssh_dev.symbols_int
[ 2%] Built target libssh_dev.symbols
[ 4%] Generating the map libssh_dev.map
[WARNING] Overwriting existing file '/root/test/cbrutekrag/external/libssh-0.9.3/build/src/libssh_dev.map'
No symbols added or removed. Nothing done.
[ 4%] Built target libssh_dev.map_int
[ 4%] Built target libssh_dev.map
[100%] Built target ssh
~/test/cbrutekrag
rm -f obj/cbrutekrag.o obj/log.o obj/str.o obj/iprange.o obj/progressbar.o obj/bruteforce_ssh.o obj/detection.o obj/target.o obj/credentials.o obj/macrowrapper.o
mkdir -p obj
Compiled src/cbrutekrag.c successfully!
Compiled src/log.c successfully!
Compiled src/str.c successfully!
Compiled src/iprange.c successfully!
Compiled src/progressbar.c successfully!
Compiled src/bruteforce_ssh.c successfully!
Compiled src/detection.c successfully!
Compiled src/target.c successfully!
Compiled src/credentials.c successfully!
Compiled src/macrowrapper.c successfully!
/usr/bin/ld: cannot find -lrt
/usr/bin/ld: cannot find -lcrypto
/usr/bin/ld: cannot find -lz
/usr/bin/ld: cannot find -lpthread
/usr/bin/ld: cannot find -ldl
/usr/bin/ld: cannot find -lc
collect2: error: ld returned 1 exit status
make: *** [cbrutekrag] Error 1

multiple successful results with the same IP address,

multiple successful results with the same IP address, completely incorrect, taking up time, and unable to be used in practical situations.

check your email! :)

check your email bro i sent something there !

matricali / cbrutekrag Goto Github PK

cbrutekrag's Introduction

cbrutekrag's People

Contributors

Stargazers

Watchers

Forkers

cbrutekrag's Issues

Recommend Projects

Recommend Topics

Recommend Org