Brutespray is a Python script that combines port scanning with automated brute-force attacks against the scanned services.

Scan with Nmap, then use the GNMAP/XML output file to brute-force the services on the open ports Nmap found, either with default credentials using Medusa or with your own dictionary, to gain access.

Attacker's Machine (Kali Linux 2.0)

  • Run the ./brutespray.py Python script with 777 permissions (read, write, execute).

Scanning victim website

  • Start scanning your victim website or internal network with Nmap to check open ports and services.
  • The Nmap scan is followed by saving the Nmap results to an output file with a chosen filename.
  • Command executed: nmap -vv -n -oA Outputfilename
  • Here -oA writes the output in all formats (.xml, .gnmap, .nmap).

Nmap Output Mode

  • The previous Nmap scan is saved as an output file in .xml format.
  • This output file (XML file) is used to perform brute-force attacks against the victim's open ports.
  • The Nmap scan output file here is bala.nmap.

Brutespray Startup

  • Run the tool with ./brutespray.py -h to display its help.

Brutespray Interactive Mode

  • Launch interactive mode with the command: python brutespray.py -f nmap.xml -i
  • Once interactive mode has loaded, set the service, threads, hosts and finally the dictionary file.

Brute Force

  • Automate the brute-force attack with the built-in dictionary, or use your own dictionary in interactive mode.
  • Brutespray then starts its attack; wait for it to find a valid username and password from the dictionary file.

Brute Force Username & Password

  • Once the attack succeeds, the username and password are saved in the brutespray-output folder.

Mitigation

  • Always use a strong password, as per policy.
  • Changing passwords every 15 to 30 days is good practice.
  • A password lockout policy is a good way to stop brute-force attacks (the account is locked after 5 failed attempts).
  • Integrating business-critical assets with a SIEM (Security Incident & Event Management) helps detect these kinds of attacks as soon as possible.