![The Hackers Media™ [ THM ]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisquqXJSMuUCppL6SQ4aLeO-ID-MP69EH9zHaFL8AV6FmfrbHXj18RqOP6_xDepB-qCCpKDltYPFX78w7XdQtGsP45ikdwu1UGhlsd4ggYhDsTGmaiKNMG2Vs26d_lmkz-JLd_BQYcYXi_/s1600/updaate+111.png)
Earlier we have several times talked about Brute forcer tool like THC-Hydra, Cain & Abel, Rainbow Crackand many more. Today we will discuss about Patator is a multi-purpose brute-forcer, written in pyton language, with a modular design and a flexible usage. Can be modified and rewritten as per our environment requirement. Patator is licensed GPLv2.
ftp_login : Brute-force FTP
ssh_login : Brute-force SSH
telnet_login : Brute-force Telnet
smtp_login : Brute-force SMTP
smtp_vrfy : Enumerate valid users using the SMTP VRFY command
smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
http_fuzz : Brute-force HTTP/HTTPS
pop_passd : Brute-force poppassd (not POP3)
ldap_login : Brute-force LDAP
smb_login : Brute-force SMB
mssql_login : Brute-force MSSQL
oracle_login : Brute-force Oracle
mysql_login : Brute-force MySQL
pgsql_login : Brute-force PostgreSQL
vnc_login : Brute-force VNC
dns_forward : Forward lookup subdomains
dns_reverse : Reverse lookup subnets
snmp_login : Brute-force SNMPv1/2 and SNMPv3
unzip_pass : Brute-force the password of encrypted ZIP files
keystore_pass: Brute-force the password of Java keystore files
Features of Patator:-
- No false negatives, as it is the user that decides what results to ignore based on:
- status code of response
- size of response
- matching string or regex in response data
- Modular design
- not limited to network modules (eg. the unzip_pass module)
- not limited to brute-forcing (eg. remote exploit testing, or vulnerable version probing)
- Interactive runtime
- show verbose progress
- pause/unpause execution
- increase/decrease verbosity
- add new actions & conditions during runtime in order to exclude more types of response from showing
- Use persistent connections (ie. will test several passwords until the server disconnects)
- Multi-threaded
- Flexible user input
- Any part of a payload is fuzzable:
- use FILE[0-9] keywords to iterate on a file
- use COMBO[0-9] keywords to iterate on the combo entries of a file
- use NET[0-9] keywords to iterate on every host of a network subnet
To Download Patator Click Here
0 comments:
Post a Comment