-
Brutus Password Cracker
A tool by the name of Brutus has quickly become one of the best password crackers on the internet, along with Unix's Crack, Nt's NTCrack, John the Ripper, and The L0pht Crack Series. But unlike those password crackers this one is complely remote based.
Brutus can remotely crack SMB (netbios), telnet auth, HTTP Basic Auth, HTTP Form, POP3, and FTP sessions via brute force attacks. Brutus also has the ability to you to create more BAD or Brutus Application Definition these are custom attacks on Remote applications.
To do this you have to Define the Sequence this is done by going into the dropdown bar labled "Type" then clicking "Custom" This will cause a new button to appear in the Authentication area of the program it's labled"Define Sequence". When you Click it a box appears named Brutus - Authentication Definiton Sequence
http://www.hoobie.clara.net/brutus-screen4.gif
As you can see it has Many options to create custom BAD files.
Here are some more screen shots of the program
http://www.hoobie.clara.net/brutus-screen1.gif
This is the Main Application Window.
[IMG]http--www.hoobie.clara.net-brutus-screen3.gif[/IMG]
Brutus's Wordlist Generator
http://www.hoobie.clara.net/brutus-screen2.gif
Brutus's Brute Force Generator
I hope that you have found this useful or at least interesting.
-
i used to have brutus and it worked great when i needed to um, test my own security but then i put together a new machine and didnt get brutus back. now i have it and i suggest that anybody that doesnt already have it should get it.
-
also if you have a default password list for OS's you can run it w/ that password list to check if you have any default password problems.
"Hackers know the Weeknessess of your system, Shouldnt you" That as you know is AntiOnline's slogan. The object of this post was to help system administrators and people that just like to be secure to help secure systems that they own. I just wanted to help.
So to the person that said this.
You have -31 AntiPoints Password crackers are ****ing usless.. Go home you lamer!
Im sorry you feel that way I was just trying to help.
-
Don't you think this seems sort of suppiscouse? What if it has a virus?
-
It doesnt ive checked it for virus/trojans and it's clean (trust me i would tell you if it had a virus)
-
I used Brutus to test my Linux box ounce and I found 9 default passwords and Null logins
-
if youre afraid of it having a trojan or virus download it, it is a ZIP file, and just have your virus scanner scan as your downloading, that way if it is infected youll no and the virus scanner will stop the download and ask you if you want to keep going. and wow, my scanner didnt detect anything! what a surprise ;) nobody here on AO is mean enough to try and infect fellow members with a trojan or other virus, except maybe the lamers
-
BTW: I always scan files for Virii&Trojans before I post them anywere I wouldnt knowlingly infect anyone with a trojan or a virus cause that is slowly tearing the internet apart. Thank god for AntiVirus
And Yes Brutus was ment to be a malitious program you can see from the documentation and the fact that it inculdes Netbus.bad in the zip but for the purpose of securing a system that allows remote access it's great.
-
This tool was given out in a vulnerability assessment course I attended a few years back and it has proven to be very useful. It's the only cracker I know of for most of the things v3n0m356 listed in the original post. Thanks for the re-intro!
-
I just scanned the file with Norton 's AV and it's Virii free. Thanks v3n0m356!