BruteSpray
Brute-Forcing from Nmap output
(Automatically attempts default creds on found services)
BruteSpray takes nmap GNMAP output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.
Usage
First do an nmap scan with ‘-oA nmap.gnmap’.
Command: python brutespray.py -h
Example: python brutespray.py –file nmap.gnmap –services all –threads 3 –hosts 5
Supported Services
- ssh
- ftp
- telnet
- vnc
- mssql
- mysql
- postgresql
- rsh
- imap
- nntp
- pcanywhere
- pop3
- rexec
- rlogin
- smbnt
- smtp
- snmp
- svn
- vmauthd
Download