BruteSpray: A tool brute-forces services

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.


Usage:

Using Custom Wordlists:

python brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5

Brute-Forcing Specific Services:

python brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5

Specific Credentials:

python brutespray.py --file nmap.gnmap -u admin -p password --threads 5 --hosts 5

Continue After Success:

python brutespray.py --file nmap.gnmap --threads 5 --hosts 5 -c

Use Nmap XML Output:

python brutespray.py --file nmap.xml --threads 5 --hosts 5


Interactive Mode:

python brutespray.py --file nmap.xml -i


Supported Services

  1. ssh
  2. ftp
  3. telnet
  4. vnc
  5. mssql
  6. mysql
  7. postgresql
  8. rsh
  9. imap
  10. nntp
  11. pcanywhere
  12. pop3
  13. rexec
  14. rlogin
  15. smbnt
  16. smtp
  17. svn
  18. vmauthd