Documentation ¶
Index ¶
- Constants
- Variables
- func BruteItemStreamWithContext(ctx context.Context, typeStr string, target []string, users []string, ...) (chan *BruteItem, error)
- func FTPAuth(target, username, password string) (bool, error)
- func FileOrMutateTemplate(t string, divider string) []string
- func FileOrMutateTemplateForStrings(divider string, t ...string) []string
- func FileToDictList(fileName string) []string
- func GetBuildinAvailableBruteType() []string
- func GetPasswordListFromBruteType(t string) []string
- func GetUsernameListFromBruteType(t string) []string
- func IMAPAuth(target, username, password string, needAuth bool) (bool, error)
- func LoginAuth(username, password string) smtp.Auth
- func MSSQLAuth(target, username, password string, needAuth bool) (ok, finished bool, err error)
- func MYSQLAuth(target, username, password string, needAuth bool) (ok, finished bool, err error)
- func MongoDBAuth(target, username, password string, needAuth bool) (bool, error)
- func NewCramMD5Client(username, secret string) sasl.Client
- func NewScramClient(hashID, username, password string) (sasl.Client, error)
- func POP3Auth(target, username, password string, needAuth bool) (bool, error)
- func PlainAuth(identity, username, password, host string) smtp.Auth
- func RedisAuth(target, password string, needAuth bool) (bool, error)
- func SMTPAuthAndSendMail(target, username, password string, needAuth bool) (bool, error)
- func ScramAuth(hashID, username, password string) (smtp.Auth, error)
- type BruteCallback
- type BruteItem
- type BruteItemResult
- type BruteItemResultCallback
- type BruteUtil
- func (b *BruteUtil) Feed(item *BruteItem)
- func (b *BruteUtil) GetAllTargetsProcessing() []*targetProcessing
- func (b *BruteUtil) GetProcessingByTarget(target string) (*targetProcessing, error)
- func (b *BruteUtil) RemoteProcessingByTarget(target string)
- func (b *BruteUtil) Run() error
- func (b *BruteUtil) RunWithContext(ctx context.Context) error
- func (b *BruteUtil) SetResultCallback(cb BruteItemResultCallback)
- func (b *BruteUtil) StreamBruteContext(ctx context.Context, typeStr string, target, users, pass []string, ...) error
- type DefaultServiceAuthInfo
- type NetXDialer
- type OptionsAction
- func WithBeforeBruteCallback(c func(string) bool) OptionsAction
- func WithBruteCallback(callback BruteCallback) OptionsAction
- func WithDelayerWaiter(minDelay, maxDelay int) (OptionsAction, error)
- func WithFinishingThreshold(t int) OptionsAction
- func WithOkToStop(t bool) OptionsAction
- func WithOnlyNeedPassword(t bool) OptionsAction
- func WithResultCallback(callback BruteItemResultCallback) OptionsAction
- func WithTargetTasksConcurrent(targetTasksConcurrent int) OptionsAction
- func WithTargetsConcurrent(targetsConcurrent int) OptionsAction
- type RTSPAuthMethod
Constants ¶
View Source
const ( RTSPAuthMethod_Origin RTSPAuthMethod = 0 RTSPAuthMethod_Basic = 1 RTSPAuthMethod_Digest = 2 )
Variables ¶
View Source
var AuthFunctionMap = []struct { Name string Data string }{ {Name: "ssh", Data: "ssh"}, {Name: "ftp", Data: "ftp"}, {Name: "tomcat", Data: "tomcat"}, {Name: "vnc", Data: "vnc"}, {Name: "postgres", Data: "postgres"}, {Name: "mysql", Data: "mysql"}, {Name: "redis", Data: "redis"}, {Name: "mssql", Data: "mssql"}, {Name: "rdp", Data: "rdp"}, {Name: "memcached", Data: "memcached"}, {Name: "mongodb", Data: "mongodb"}, {Name: "oracle", Data: "oracle"}, {Name: "smb", Data: "smb"}, {Name: "imap", Data: "imap"}, {Name: "smtp", Data: "smtp"}, {Name: "pop3", Data: "pop3"}, {Name: "telnet", Data: "telnet"}, {Name: "snmpv2", Data: "snmpv2"}, {Name: "snmpv3/md5", Data: "snmpv3_md5"}, {Name: "snmpv3/sha", Data: "snmpv3_sha"}, {Name: "snmpv3/sha-224", Data: "snmpv3_sha-224"}, {Name: "snmpv3/sha-256", Data: "snmpv3_sha-256"}, {Name: "snmpv3/sha-384", Data: "snmpv3_sha-384"}, {Name: "snmpv3/sha-512", Data: "snmpv3_sha-512"}, {Name: "rtsp", Data: "rtsp"}, {Name: "http_proxy", Data: "http_proxy"}, {Name: "socks_proxy/v5", Data: "socks5_proxy"}, {Name: "socks_proxy/v4", Data: "socks4_proxy"}, {Name: "socks_proxy/v4a", Data: "socks4a_proxy"}, {Name: "pptp", Data: "pptp"}, {Name: "ldap", Data: "ldap"}, }
View Source
var CommonPasswords = []string{}/* 199 elements not displayed */
View Source
var CommonUsernames = []string{
"admin", "root", "test", "op", "www", "data",
"guest",
}
http://k8gege.org/p/16172.html
View Source
var ExampleChallengeContent = []byte("This domain is for use in illustrative examples in documents.")
View Source
var LdapLogin = _login
View Source
var Ldap_Password = optLdap_Password
View Source
var Ldap_Port = optLdap_Port
View Source
var Ldap_Username = optLdap_Username
View Source
var RDPLogin = rdpLogin
Functions ¶
func FileOrMutateTemplate ¶
func FileToDictList ¶
func GetBuildinAvailableBruteType ¶
func GetBuildinAvailableBruteType() []string
func IMAPAuth ¶ added in v1.3.2
IMAPAuth use netx.Dial instead of net.Dial, and check auth method Manually test with https://app.mailslurp.com/dashboard/
func NewCramMD5Client ¶ added in v1.3.2
func NewCramMD5Client(username, secret string) sasl.Client
NewCramMD5Client implements the CRAM-MD5 authentication mechanism, as described in RFC 2195. The returned Client uses the given username and secret to authenticate to the server using the challenge-response mechanism.
func NewScramClient ¶ added in v1.3.2
func POP3Auth ¶ added in v1.3.2
Manually test with https://mailtrap.io
func SMTPAuthAndSendMail ¶ added in v1.3.2
SMTPAuthAndSendMail use netx.Dial instead of net.Dial, and check auth method, so do not use smtp.SendMail Manually test with https://mailtrap.io
Types ¶
type BruteCallback ¶
type BruteCallback func(item *BruteItem) *BruteItemResult
func GetBruteFuncByType ¶
func GetBruteFuncByType(t string) (BruteCallback, error)
type BruteItem ¶
type BruteItem struct { Type string Target string Username string Password string Context context.Context }
func (*BruteItem) Result ¶
func (b *BruteItem) Result() *BruteItemResult
type BruteItemResult ¶
type BruteItemResult struct { // 爆破类型 Type string // 标志着爆破成功 Ok bool // 标志着完成爆破/因为协议不对,或者是网络验证错误,等 Finished bool // 标志着该用户名有问题,不应该再使用这个用户名 UserEliminated bool // 该爆破只需要密码,不需要用户名 OnlyNeedPassword bool // 爆破的目标 Target string // 爆破的用户名与密码 Username string Password string // 爆破结果的 banner 依据,额外信息 ExtraInfo []byte }
func (*BruteItemResult) Show ¶
func (r *BruteItemResult) Show()
func (*BruteItemResult) String ¶
func (r *BruteItemResult) String() string
type BruteItemResultCallback ¶
type BruteItemResultCallback func(b *BruteItemResult)
type BruteUtil ¶
type BruteUtil struct { TargetTaskConcurrent int // 这个选项标志着,如果遇到了 Ok,则停止对当前目标的爆破 OkToStop bool // 完成阈值,这是一个整型 // 在爆破过程中会统计任务 Finished 的数量 // 一旦任务执行给的结果 Finished 的数量达到这个参数设置的值 // 马上结束对当前这个目标的爆破 FinishingThreshold int // OnlyNeedPassword 标志着这次爆破只需要密码进行爆破 OnlyNeedPassword bool // contains filtered or unexported fields }
func NewMultiTargetBruteUtil ¶
func NewMultiTargetBruteUtil(targetsConcurrent, minDelay, maxDelay int, callback BruteCallback) (*BruteUtil, error)
func NewMultiTargetBruteUtilEx ¶
func NewMultiTargetBruteUtilEx(options ...OptionsAction) (*BruteUtil, error)
func (*BruteUtil) GetAllTargetsProcessing ¶
func (b *BruteUtil) GetAllTargetsProcessing() []*targetProcessing
func (*BruteUtil) GetProcessingByTarget ¶
func (*BruteUtil) RemoteProcessingByTarget ¶
func (*BruteUtil) SetResultCallback ¶
func (b *BruteUtil) SetResultCallback(cb BruteItemResultCallback)
func (*BruteUtil) StreamBruteContext ¶
type DefaultServiceAuthInfo ¶
type DefaultServiceAuthInfo struct { ServiceName string DefaultPorts string DefaultUsernames []string DefaultPasswords []string UnAuthVerify func(i *BruteItem) *BruteItemResult BrutePass func(i *BruteItem) *BruteItemResult }
func SocksProxyBruteAuthFactory ¶ added in v1.3.1
func SocksProxyBruteAuthFactory(scheme string) *DefaultServiceAuthInfo
func (*DefaultServiceAuthInfo) GetBruteHandler ¶
func (d *DefaultServiceAuthInfo) GetBruteHandler() BruteCallback
type NetXDialer ¶ added in v1.3.2
type NetXDialer struct{}
func (*NetXDialer) Dial ¶ added in v1.3.2
func (d *NetXDialer) Dial(network, address string) (net.Conn, error)
func (*NetXDialer) DialContext ¶ added in v1.3.2
func (*NetXDialer) DialTCPContext ¶
type OptionsAction ¶
type OptionsAction func(util *BruteUtil)
func WithBeforeBruteCallback ¶
func WithBeforeBruteCallback(c func(string) bool) OptionsAction
设置爆破预检查函数
func WithDelayerWaiter ¶
func WithDelayerWaiter(minDelay, maxDelay int) (OptionsAction, error)
这个选项来控制设置 Delayer
func WithResultCallback ¶
func WithResultCallback(callback BruteItemResultCallback) OptionsAction
设置结果回调
func WithTargetTasksConcurrent ¶
func WithTargetTasksConcurrent(targetTasksConcurrent int) OptionsAction
这个选项来控制每个目标最多同时执行多少个爆破任务,默认为 1
func WithTargetsConcurrent ¶
func WithTargetsConcurrent(targetsConcurrent int) OptionsAction
这个选项控制整体的目标并发 默认值为 200
type RTSPAuthMethod ¶ added in v1.2.8
type RTSPAuthMethod uint8
Source Files ¶
- auth_func.go
- brute_error.go
- bruteutils.go
- cramMD5.go
- dialer.go
- ftp.go
- http_proxy.go
- imap.go
- ldap.go
- memcached.go
- mongo.go
- mssql.go
- mysql.go
- oracle.go
- pop3.go
- postgres.go
- pptp.go
- rdp.go
- redis.go
- rtsp.go
- sasl_auth.go
- smb.go
- smtp.go
- snmp_v2.go
- snmp_v3.go
- socks_proxy.go
- ssh.go
- telnet.go
- testcase.go
- tomcat.go
- unauth_schema.go
- utils.go
- vnc.go
- weblogic.go
Click to show internal directories.
Click to hide internal directories.