Patator -A Multi-Purpose Brute-Forcer

Earlier we have several times talked about Brute forcer tool like THC-Hydra, Cain & Abel, Rainbow Crackand many more. Today we will discuss about Patator is a multi-purpose brute-forcer, written in pyton language, with a modular design and a flexible usage. Can be modified and rewritten as per our environment requirement. Patator is licensed GPLv2.

Modules Supported:-
ftp_login : Brute-force FTP
ssh_login : Brute-force SSH
telnet_login : Brute-force Telnet
smtp_login : Brute-force SMTP
smtp_vrfy : Enumerate valid users using the SMTP VRFY command
smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
http_fuzz : Brute-force HTTP/HTTPS
pop_passd : Brute-force poppassd (not POP3)
ldap_login : Brute-force LDAP
smb_login : Brute-force SMB
mssql_login : Brute-force MSSQL
oracle_login : Brute-force Oracle
mysql_login : Brute-force MySQL
pgsql_login : Brute-force PostgreSQL
vnc_login : Brute-force VNC
dns_forward : Forward lookup subdomains
dns_reverse : Reverse lookup subnets
snmp_login : Brute-force SNMPv1/2 and SNMPv3
unzip_pass : Brute-force the password of encrypted ZIP files
keystore_pass: Brute-force the password of Java keystore files

Features of Patator:-
  • No false negatives, as it is the user that decides what results to ignore based on:
  • status code of response
  • size of response
  • matching string or regex in response data
  • Modular design
  • not limited to network modules (eg. the unzip_pass module)
  • not limited to brute-forcing (eg. remote exploit testing, or vulnerable version probing)
  • Interactive runtime
  • show verbose progress
  • pause/unpause execution
  • increase/decrease verbosity
  • add new actions & conditions during runtime in order to exclude more types of response from showing
  • Use persistent connections (ie. will test several passwords until the server disconnects)
  • Multi-threaded
  • Flexible user input
  • Any part of a payload is fuzzable:
  • use FILE[0-9] keywords to iterate on a file
  • use COMBO[0-9] keywords to iterate on the combo entries of a file
  • use NET[0-9] keywords to iterate on every host of a network subnet

To Download Patator Click Here 


Post a Comment

Related Posts Plugin for WordPress, Blogger...