- 支持常见服务口令爆破(未授权检测)
- ftp
- ssh
- wmi
- wmihash
- smb
- mssql
- oracle
- mysql
- rdp
- postgres
- redis
- memcached
- mongodb
- 多线程爆破,支持进度条
- 全部插件测试用例(pkg/crack/plugins/plugins_test.go)
- API调用,可参考(internal/runner/runner.go)
➜ crack ./crack -h
Service cracker
Usage:
./crack [flags]
Flags:
INPUT:
-i, -input string crack service input(example: -i '127.0.0.1:3306', -i '127.0.0.1:3307|mysql')
-f, -input-file string crack services file(example: -f 'xxx.txt')
-m, -module string choose one module to crack(ftp,ssh,wmi,mssql,oracle,mysql,rdp,postgres,redis,memcached,mongodb) (default "all")
-user string user(example: -user 'admin,root')
-pass string pass(example: -pass 'admin,root')
-user-file string user file(example: -user-file 'user.txt')
-pass-file string pass file(example: -pass-file 'pass.txt')
CONFIG:
-threads int number of threads (default 1)
-timeout int timeout in seconds (default 10)
-delay int delay between requests in seconds (0 to disable)
-crack-all crack all user:pass
OUTPUT:
-o, -output string output file to write found results (default "crack.txt")
-nc, -no-color disable colors in output
DEBUG:
-silent show only results in output
-debug show debug output
已经停止更新,该项目作为 zpscan 的模块之一,后续更新参考 zpscan。