ncrack

• ncrack -p 22 --user xinux -P bad-passwords 10.0.10.104

Ausgabe für faraday

• ncrack -p 22 --user xinux -P bad-passwords 10.0.10.104 -oX ncrack.xml

Lesen aus einer Datei und Attacke

• cat secure.local.list

10.0.10.1
10.0.10.102
10.0.10.103
10.0.10.104
10.0.10.105

• ncrack -v -iL secure.local.list -u xinux -P bad-passwords -p ssh CL=1
• ncrack -u xinux,martha,leroy -P bad-passwords -iL secure.local.list -p 22

Usefull commands in Ncrack

Target specification

-iX: Input from Nmap’s -oX XML output format
-iN: Input from Nmap’s -oN Normal output format
-iL: Input from list of hosts/networks
–exclude: Exclude hosts/networks
–excludefile: Exclude list from file

Service specification:

-p: services will be applied to all non-standard notation hosts
-m: options will be applied to all services of this type
-g: options will be applied to every service globally

Authentication

-U: username file
-P: password file
–user: comma-separated username list
–pass: comma-separated password list
–passwords-first: Iterate password list for each username. Default is the opposite.
–pairwise: Choose usernames and passwords in pairs.

Output:

-oN/-oX: Output scan in normal and XML format, respectively, to the given filename.
-oA: Output in the two major formats at once
-v: Increase verbosity level (use twice or more for greater effect)

Module:

SSH, RDP, FTP, Telnet, HTTP(S), WordPress, POP3(S), IMAP, CVS, SMB, VNC, SIP, Redis, PostgreSQL, MQTT, MySQL, MSSQL, MongoDB, Cassandra, WinRM, OWA, DICOM