bruteutils

package
v1.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 12, 2024 License: AGPL-3.0 Imports: 58 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	RTSPAuthMethod_Origin RTSPAuthMethod = 0
	RTSPAuthMethod_Basic                 = 1
	RTSPAuthMethod_Digest                = 2
)
View Source 
const CommonTimeoutDuration = 8 * time.Second

Variables

View Source 
var AuthFunctionMap = []struct {
	Name string
	Data string
}{
	{Name: "ssh", Data: "ssh"},
	{Name: "ftp", Data: "ftp"},
	{Name: "tomcat", Data: "tomcat"},
	{Name: "vnc", Data: "vnc"},
	{Name: "postgres", Data: "postgres"},
	{Name: "mysql", Data: "mysql"},
	{Name: "redis", Data: "redis"},
	{Name: "mssql", Data: "mssql"},
	{Name: "rdp", Data: "rdp"},
	{Name: "memcached", Data: "memcached"},
	{Name: "mongodb", Data: "mongodb"},
	{Name: "oracle", Data: "oracle"},
	{Name: "smb", Data: "smb"},
	{Name: "imap", Data: "imap"},
	{Name: "smtp", Data: "smtp"},
	{Name: "pop3", Data: "pop3"},
	{Name: "telnet", Data: "telnet"},
	{Name: "snmpv2", Data: "snmpv2"},
	{Name: "snmpv3/md5", Data: "snmpv3_md5"},
	{Name: "snmpv3/sha", Data: "snmpv3_sha"},
	{Name: "snmpv3/sha-224", Data: "snmpv3_sha-224"},
	{Name: "snmpv3/sha-256", Data: "snmpv3_sha-256"},
	{Name: "snmpv3/sha-384", Data: "snmpv3_sha-384"},
	{Name: "snmpv3/sha-512", Data: "snmpv3_sha-512"},
	{Name: "rtsp", Data: "rtsp"},
	{Name: "http_proxy", Data: "http_proxy"},
	{Name: "socks_proxy/v5", Data: "socks5_proxy"},
	{Name: "socks_proxy/v4", Data: "socks4_proxy"},
	{Name: "socks_proxy/v4a", Data: "socks4a_proxy"},
}
View Source 
var CommonPasswords = []string{}/* 199 elements not displayed */
View Source 
var CommonUsernames = []string{
	"admin", "root", "test", "op", "www", "data",
	"guest",
}

http://k8gege.org/p/16172.html

View Source 
var ExampleChallengeContent = []byte("This domain is for use in illustrative examples in documents.")
View Source 
var RDPLogin = rdpLogin

Functions

func BruteItemStreamWithContext 

func BruteItemStreamWithContext(ctx context.Context, typeStr string, target []string, users []string, pass []string) (chan *BruteItem, error)

func FileOrMutateTemplate 

func FileOrMutateTemplate(t string, divider string) []string

func FileOrMutateTemplateForStrings 

func FileOrMutateTemplateForStrings(divider string, t ...string) []string

func FileToDictList 

func FileToDictList(fileName string) []string

func GeneratePasswordByUser 

func GeneratePasswordByUser(user []string, pass []string) []string

func GetBuildinAvailableBruteType 

func GetBuildinAvailableBruteType() []string

func GetPasswordListFromBruteType 

func GetPasswordListFromBruteType(t string) []string

func GetUsernameListFromBruteType 

func GetUsernameListFromBruteType(t string) []string

func IMAPAuth added in v1.3.2 

func IMAPAuth(target, username, password string, needAuth bool) (bool, error)

IMAPAuth use netx.Dial instead of net.Dial, and check auth method Manually test with https://app.mailslurp.com/dashboard/

func LoginAuth added in v1.3.2 

func LoginAuth(username, password string) smtp.Auth

func NewCramMD5Client added in v1.3.2 

func NewCramMD5Client(username, secret string) sasl.Client

NewCramMD5Client implements the CRAM-MD5 authentication mechanism, as described in RFC 2195. The returned Client uses the given username and secret to authenticate to the server using the challenge-response mechanism.

func NewScramClient added in v1.3.2 

func NewScramClient(hashID, username, password string) (sasl.Client, error)

func POP3Auth added in v1.3.2 

func POP3Auth(target, username, password string, needAuth bool) (bool, error)

Manually test with https://mailtrap.io

func PlainAuth added in v1.3.2 

func PlainAuth(identity, username, password, host string) smtp.Auth

PlainAuth like smtp.PlainAuth but remove Start check

func SMTPAuthAndSendMail added in v1.3.2 

func SMTPAuthAndSendMail(target, username, password string, needAuth bool) (bool, error)

SMTPAuthAndSendMail use netx.Dial instead of net.Dial, and check auth method, so do not use smtp.SendMail Manually test with https://mailtrap.io

func ScramAuth added in v1.3.2 

func ScramAuth(hashID, username, password string) (smtp.Auth, error)

PlainAuth like smtp.PlainAuth but remove Start check

Types

type BruteCallback 

type BruteCallback func(item *BruteItem) *BruteItemResult

func GetBruteFuncByType 

func GetBruteFuncByType(t string) (BruteCallback, error)

type BruteItem 

type BruteItem struct {
	Type     string
	Target   string
	Username string
	Password string
}

func (*BruteItem) Result 

func (b *BruteItem) Result() *BruteItemResult

func (*BruteItem) String 

func (b *BruteItem) String() string

type BruteItemResult 

type BruteItemResult struct {
	// 爆破类型
	Type string

	// 标志着爆破成功
	Ok bool

	// 标志着完成爆破/因为协议不对,或者是网络验证错误,等
	Finished bool

	// 标志着该用户名有问题,不应该再使用这个用户名
	UserEliminated bool

	// 该爆破只需要密码,不需要用户名
	OnlyNeedPassword bool

	// 爆破的目标
	Target string

	// 爆破的用户名与密码
	Username string
	Password string

	// 爆破结果的 banner 依据,额外信息
	ExtraInfo []byte
}

func (*BruteItemResult) Show 

func (r *BruteItemResult) Show()

func (*BruteItemResult) String 

func (r *BruteItemResult) String() string

type BruteItemResultCallback 

type BruteItemResultCallback func(b *BruteItemResult)

type BruteUtil 

type BruteUtil struct {
	TargetTaskConcurrent int

	// 这个选项标志着,如果遇到了 Ok,则停止对当前目标的爆破
	OkToStop bool

	// 完成阈值,这是一个整型
	// 在爆破过程中会统计任务 Finished 的数量
	// 一旦任务执行给的结果 Finished 的数量达到这个参数设置的值
	// 马上结束对当前这个目标的爆破
	FinishingThreshold int

	// OnlyNeedPassword 标志着这次爆破只需要密码进行爆破
	OnlyNeedPassword bool
	// contains filtered or unexported fields
}

func NewMultiTargetBruteUtil 

func NewMultiTargetBruteUtil(targetsConcurrent, minDelay, maxDelay int, callback BruteCallback) (*BruteUtil, error)

func NewMultiTargetBruteUtilEx 

func NewMultiTargetBruteUtilEx(options ...OptionsAction) (*BruteUtil, error)

func (*BruteUtil) Feed 

func (b *BruteUtil) Feed(item *BruteItem)

func (*BruteUtil) GetAllTargetsProcessing 

func (b *BruteUtil) GetAllTargetsProcessing() []*targetProcessing

func (*BruteUtil) GetProcessingByTarget 

func (b *BruteUtil) GetProcessingByTarget(target string) (*targetProcessing, error)

func (*BruteUtil) RemoteProcessingByTarget 

func (b *BruteUtil) RemoteProcessingByTarget(target string)

func (*BruteUtil) Run 

func (b *BruteUtil) Run() error

func (*BruteUtil) RunWithContext 

func (b *BruteUtil) RunWithContext(ctx context.Context) error

func (*BruteUtil) SetResultCallback 

func (b *BruteUtil) SetResultCallback(cb BruteItemResultCallback)

func (*BruteUtil) StreamBruteContext 

func (b *BruteUtil) StreamBruteContext(
	ctx context.Context, typeStr string, target, users, pass []string,
	resultCallback BruteItemResultCallback,
) error

type DefaultServiceAuthInfo 

type DefaultServiceAuthInfo struct {
	ServiceName string

	DefaultPorts     string
	DefaultUsernames []string
	DefaultPasswords []string

	UnAuthVerify func(i *BruteItem) *BruteItemResult
	BrutePass    func(i *BruteItem) *BruteItemResult
	// contains filtered or unexported fields
}

func SocksProxyBruteAuthFactory added in v1.3.1 

func SocksProxyBruteAuthFactory(scheme string) *DefaultServiceAuthInfo

func (*DefaultServiceAuthInfo) GetBruteHandler 

func (d *DefaultServiceAuthInfo) GetBruteHandler() BruteCallback

type NetXDialer added in v1.3.2 

type NetXDialer struct{}

func (*NetXDialer) Dial added in v1.3.2 

func (d *NetXDialer) Dial(network, address string) (net.Conn, error)

func (*NetXDialer) DialContext added in v1.3.2 

func (d *NetXDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error)

type OptionsAction 

type OptionsAction func(util *BruteUtil)

func WithBeforeBruteCallback 

func WithBeforeBruteCallback(c func(string) bool) OptionsAction

设置爆破预检查函数

func WithBruteCallback 

func WithBruteCallback(callback BruteCallback) OptionsAction

设置爆破任务

func WithDelayerWaiter 

func WithDelayerWaiter(minDelay, maxDelay int) (OptionsAction, error)

这个选项来控制设置 Delayer

func WithFinishingThreshold 

func WithFinishingThreshold(t int) OptionsAction

设置阈值

func WithOkToStop 

func WithOkToStop(t bool) OptionsAction

设置 OkToStop 选项

func WithOnlyNeedPassword 

func WithOnlyNeedPassword(t bool) OptionsAction

设置只需要密码爆破

func WithResultCallback 

func WithResultCallback(callback BruteItemResultCallback) OptionsAction

设置结果回调

func WithTargetTasksConcurrent 

func WithTargetTasksConcurrent(targetTasksConcurrent int) OptionsAction

这个选项来控制每个目标最多同时执行多少个爆破任务,默认为 1

func WithTargetsConcurrent 

func WithTargetsConcurrent(targetsConcurrent int) OptionsAction

这个选项控制整体的目标并发 默认值为 200

type RTSPAuthMethod added in v1.2.8 

type RTSPAuthMethod uint8

Source Files

View all Source files

Directories

Path Synopsis
core
emission
glog
protocol/lic
protocol/nla
protocol/pdu
protocol/rfb
rfb.go
 rfb.go
protocol/sec
protocol/t125
protocol/t125/ber
protocol/t125/gcc
protocol/t125/per
protocol/tpkt
protocol/x224

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.