Comments (11)
Any news ? :)
Sorry for the delay bro...
I will work on this during this week. I promise ✋
from cbrutekrag.
We're talking about several features in a single discussion thread.
Feel free to create more issues as needed with your feature requests.
About the needed information on "main output log": Putting here command results may be problematic, due to line breaks of command s that generates a multi-line output. Let me analyze it, I'm still working on it.
Regarding "getting host information" point:
In most cases (according to SSH server configuration) you can get information about the OS looking into SSH server banner. Maybe it is the most sensate data that we can add to the main output.
from cbrutekrag.
let's pretend I say -X 'uname -a' ... is there any way that the "uname -a" info to be printed in output text ?
from cbrutekrag.
so the output will look like
admin:admin:xx.xx.xx.xx:22:Linux:SSH-2.0-dropbear_0.52:ARM926EJ-S rev 4 (v5l):123 120 x x x xx:vuln
from cbrutekrag.
How you propose that we got to manage that output, especially with big batches of hosts and combinations?
At the moment, I think that the best way to handle this is logging the output on separated files and not on standard output (Screen)
What do you think?
from cbrutekrag.
How you propose that we got to manage that output, especially with big batches of hosts and combinations?
At the moment, I think that the best way to handle this is logging the output on separated files and not on standard output (Screen)
What do you think?
Thanks for response, brother !
well, let's say i write this :
./cbrutekrag -v -T /root/Desktop/targets -C /root/Desktop/combinations -t 90 -X 'uname -a' -o /root/Desktop/logs.txt
if i do this now, my output file will look like
[2019/10/04 21:16:58] LOGIN OK! 192.168.1.32:22 root root
Not bad at all !
But let's say we can also have the -X 'uname -a' info into the same file :D this will look like this :
Linux test 5.2.0-kali2-amd64 #1 SMP Debian 5.2.9-2kali1 (2019-08-22) x86_64 GNU/Linux
LOGIN OK! 192.168.1.32:22 root root
so we can also collect infos about the server.
of course, less text = better look.
also a fake process could be awesome, but i'll post an issue about this implementation.
CHEERS !!!
And thank you !
from cbrutekrag.
Any news ? :)
from cbrutekrag.
Any news ? :)
Sorry for the delay bro...
I will work on this during this week. I promise ✋
Thanks a million !! Good people, good life !
from cbrutekrag.
@metadone666 I will implement command output to separated files.
I need some time to clean up the code and make some design changes, then I can implement a good output according to your suggestion
from cbrutekrag.
@metadone666 I will implement command output to separated files.
I need some time to clean up the code and make some design changes, then I can implement a good output according to your suggestion
Thanks so much, Brother !
To make the long stuff short, i'll give you a short example of what i think about this being purrfect.
Is doing great atm. The -X works fine.
I was thinking to let cbrute auto-execute "uname -a" on top of the eventual command i will execute.
./cbrutekrag -v -p 22 TARGET COMBOS -X 'service ssh stop' -o log.txt
so, we stop the ssh service on the vulnerable hosts, but, i would love to have 'uname -a' infos in log.txt.
So. cbrutekrag will auto-execute and write in -o log.txt the infos, and i'll be able to execute -X without aditional text to the log.txt.
The fake process is also a great must-have option. i'll post the demo script for what i think fake-process is :
trcpy(argv[0],FAKE); // fake the proccess name.
while(fgets(buff,sizeof(buff),fp))
{
c=strchr(buff,'n');
if(c!=NULL) *c='.';
if (!(fork()))
{
where=0;
// printf("--> attacking %s",buff);
for (i=0; i<count; i=i+2){
// printf("--> Trying %s:%s %sn",a[i],a[i+1],buff);
checkauth(a[i],a[i+1],buff); // try to auth
}
exit(0);
Thanks a million, congratulations for this powerful tool !
from cbrutekrag.
Beautiful ! Issue solved!
Going to create the next one !
U the best !
from cbrutekrag.
Related Issues (20)
- SIGSEGV when combinations file has empty lines
- Progress bar bug HOT 2
- Add option to output -s (Scan) results HOT 4
- *** buffer overflow detected ***: terminated HOT 7
- 2 more options required HOT 1
- Detect SonicWall SSH HOT 4
- Static Compile issue HOT 4
- multiple successful results with the same IP address, HOT 13
- static build compile error...help HOT 2
- check your email! :) HOT 1
- Option to only scan good IPs and other option to export good IPs while running brute forcing to a new file (different with ouput file). Specs grabber HOT 1
- Support for use hostname as password HOT 4
- const char *commandline = command; HOT 14
- Save only format ip|user|pass
- Support for port on the targets list HOT 13
- Port ranges HOT 1
- Build failing on Debian 7 and Debian 8 i386 HOT 2
- Implement Fake Process HOT 5
- Accept targets from STDIN
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cbrutekrag.