Patator, şifre tahmin saldırıları için Hydra, Medusa, Ncrack, Metasploit modülleri ve Nmap NSE komut dosyalarını kullanmaktan kaynaklanan hayal kırıklığı nedeniyle yazıldı. Başka bir kabadayı zorlama aracı oluşturmamak ve aynı eksiklikleri tekrarlamaktan kaçınmak için farklı bir yaklaşım seçtim. Patator, Python ile yazılmış, öncekilerden daha güvenilir ve esnek olmaya çalışan çok iş parçacıklı bir araçtır.
Şu anda aşağıdaki modülleri desteklemektedir:
* ftp_login : Brute-force FTP
* ssh_login : Brute-force SSH
* telnet_login : Brute-force Telnet
* smtp_login : Brute-force SMTP
* smtp_vrfy : Enumerate valid users using the SMTP VRFY command
* smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
* finger_lookup : Enumerate valid users using Finger
* http_fuzz : Brute-force HTTP/HTTPS
* rdp_gateway : Brute-force RDP Gateway
* ajp_fuzz : Brute-force AJP
* pop_login : Brute-force POP
* pop_passd : Brute-force poppassd (not POP3)
* imap_login : Brute-force IMAP
* ldap_login : Brute-force LDAP
* dcom_login : Brute-force DCOM
* smb_login : Brute-force SMB
* smb_lookupsid : Brute-force SMB SID-lookup
* rlogin_login : Brute-force rlogin
* vmauthd_login : Brute-force VMware Authentication Daemon
* mssql_login : Brute-force MSSQL
* oracle_login : Brute-force Oracle
* mysql_login : Brute-force MySQL
* mysql_query : Brute-force MySQL queries
* rdp_login : Brute-force RDP (NLA)
* pgsql_login : Brute-force PostgreSQL
* vnc_login : Brute-force VNC
* dns_forward : Brute-force DNS
* dns_reverse : Brute-force DNS (reverse lookup subnets)
* ike_enum : Enumerate IKE transforms
* snmp_login : Brute-force SNMPv1/2 and SNMPv3
* unzip_pass : Brute-force the password of encrypted ZIP files
* keystore_pass : Brute-force the password of Java keystore files
* sqlcipher_pass : Brute-force the password of SQLCipher-encrypted databases
* umbraco_crack : Crack Umbraco HMAC-SHA1 password hashes
"Patator" ismi bundan geliyor.
git clone GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
docker build -t patator patator/
docker run -it --rm -v $PWD/SecLists/Passwords:/mnt patator dummy_test data=FILE0 0=/mnt/richelieu-french-top5000.txt
pip install pycrypto pyopenssl
pip install impacket
pip install paramiko
pip install IPy
pip install dnspython
pip install pysnmp
cd c:\
git clone GitHub - lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
git clone GitHub - pyinstaller/pyinstaller: Freeze (package) Python programs into stand-alone executables
cd pyinstaller
git checkout a2b0617251ebe70412f6e3573f00a49ce08b7b32 # fixes this issue: Redirecting to Google Groups
python pyinstaller.py --clean --onefile c:\patator\patator.py
patator\dist\patator.exe -h
Şu anda aşağıdaki modülleri desteklemektedir:
* ftp_login : Brute-force FTP
* ssh_login : Brute-force SSH
* telnet_login : Brute-force Telnet
* smtp_login : Brute-force SMTP
* smtp_vrfy : Enumerate valid users using the SMTP VRFY command
* smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
* finger_lookup : Enumerate valid users using Finger
* http_fuzz : Brute-force HTTP/HTTPS
* rdp_gateway : Brute-force RDP Gateway
* ajp_fuzz : Brute-force AJP
* pop_login : Brute-force POP
* pop_passd : Brute-force poppassd (not POP3)
* imap_login : Brute-force IMAP
* ldap_login : Brute-force LDAP
* dcom_login : Brute-force DCOM
* smb_login : Brute-force SMB
* smb_lookupsid : Brute-force SMB SID-lookup
* rlogin_login : Brute-force rlogin
* vmauthd_login : Brute-force VMware Authentication Daemon
* mssql_login : Brute-force MSSQL
* oracle_login : Brute-force Oracle
* mysql_login : Brute-force MySQL
* mysql_query : Brute-force MySQL queries
* rdp_login : Brute-force RDP (NLA)
* pgsql_login : Brute-force PostgreSQL
* vnc_login : Brute-force VNC
* dns_forward : Brute-force DNS
* dns_reverse : Brute-force DNS (reverse lookup subnets)
* ike_enum : Enumerate IKE transforms
* snmp_login : Brute-force SNMPv1/2 and SNMPv3
* unzip_pass : Brute-force the password of encrypted ZIP files
* keystore_pass : Brute-force the password of Java keystore files
* sqlcipher_pass : Brute-force the password of SQLCipher-encrypted databases
* umbraco_crack : Crack Umbraco HMAC-SHA1 password hashes
"Patator" ismi bundan geliyor.
Yüklemek
git clone GitHub - lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.git clone GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
docker build -t patator patator/
docker run -it --rm -v $PWD/SecLists/Passwords:/mnt patator dummy_test data=FILE0 0=/mnt/richelieu-french-top5000.txt
PyInstaller
Windows 5.2.3790 x86 üzerinde topuzlama
Python'dan yükleyin. PyWin32'den yükleyin. Microsoft'tan yükleyin. Git'ten yükleyin (ve yükleme sırasında "Windows Komut İstemi'nden Git Kullan"ı seçin). 'nize ekleyin.python-2.7.9.msipywin32-219.win32-py2.7.exevcredist_x86.exeGit-1.9.5.exec:\Python27;c:\Python27\ScriptsPATHpip install pycrypto pyopenssl
pip install impacket
pip install paramiko
pip install IPy
pip install dnspython
pip install pysnmp
cd c:\
git clone GitHub - lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
git clone GitHub - pyinstaller/pyinstaller: Freeze (package) Python programs into stand-alone executables
cd pyinstaller
git checkout a2b0617251ebe70412f6e3573f00a49ce08b7b32 # fixes this issue: Redirecting to Google Groups
python pyinstaller.py --clean --onefile c:\patator\patator.py
patator\dist\patator.exe -h
