INTRODUCTION
Bruter is a parallel login brute-forcer. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.
PLEASE NOTE THAT THIS TOOL IS INTENDED FOR LEGAL PURPOSES ONLY! USE IT AT YOUR OWN RIKS.
SUPPORTED PLATFORMS
Windows 2000/XP
HOW TO USE
Connection Options Group
All input fields in this group are used for identifying targets and protocols.
* Target: A target can be an IP address (only IPv4) or a hostname. This program can perform a test on only one target at a time. Therefore, this field must contain only one IP address or hostname.
* Protocol: Each protocol has a different login method. You need to select a service that a target server uses. Some protocols have their own options. For more information about protocol options, see PROTOCOL OPTION DETAIL section.
* Port: If a target service is not on default port, you can define IT here. Default port numbers are used according to IANA.
* SSL: Check this option if a target service uses SSL for connection. When you check or uncheck this box, program will change "Port" field to default port number.
User Option Group
* User: A username or a filename that contains usernames (one username per line). If an input text is not a filename, program will use this text as a username (Single User mode).
Password Modes Group
This group is used for selecting a testing mode. To enable each mode, the checkbox must be checked. You must select at least one of the checkbox.
* Dictionary: This mode will use wordlist from a file (also known as dictionary attack). The provided file must contain one word per line. If an input text in this field is not a filename, the program will use the input text as a word
Remark: for testing a blank password, use an empty string (no space).
* Append user: This mode will use words from a file. Each word will be appended to the testing username and then use IT as a password. If an input text in this field is not a filename, the program will use the input text as a word
Remark: for testing password that is the same as username, use an empty string (no space).
* Brute force: This mode will try every possible password. You can select a charset for brute forcing from Option. Also you can defined the minimum and maximum password length for brute forcing.
Remerk: Usually, this mode does not suIT for network login.
Password Options Group
This option group is used for modifying passwords that used in "Dictionary" and "Append user" mode. If the modified password is the same as the password, the program will not send this password to test against a target. To enable each option, the checkbox must be checked.
* Lowercase: This option will change all characters to lowercase.
* Uppercase first character: This option will change only first character to uppercase.
Misc Options Group
* Connections: The number of logins to be tested concurrently.
* Max Retry: The number of attempts per account when unexpected results happen.
* Time out: The maximum waIT time in seconds for server response.
* Wait for retry: The waIT time in milliseconds for retrying the same username/password again after an error occured
* Max Attempt/Connection The number of attempts in the same connection. 0 means login using the same connection until a server disconnects. This option does not apply to HTTP and SMB protocols.
* Stop when found one If this checkbox is checked, this program will stop testing when IT found the first valid account.
Display Tab
* Result: Display found valid target/username/password tuples.
* Testing: Display the testing username and password. Currently, this field is updated every 1.5 seconds.
* Message: Displays a notify or error messages. This program does not display all unsuccessful logins.
PROTOCOL OPTION DETAIL
* FTP
* HTTP (Basic)
* HTTP (Form)
* IMAP
* MSSQL
* MySQL
* POP3
* SMB-NT
* SMTP
* SNMP
* SSH2
* Telnet |
