[Junior Riau]

assalamualaikum all
ketemu lagi dah sama ane=anak pengguna baru

nah kali ini mau mencoba share sebuah tools bruteforce namanya patator.
patator ini berbasis python atau menggunakan bahasa pemrograman python, jadi bagi teman2 yang g atau belum install backtrack5, jangan takut, bisa dijalanin di windows juga, tinggal instal pythonnya untuk windos terlebih dahulu,

scriptnya bisa didownload di mari
kalau diletakin disini kepanjangan wkwkkw
available modul nya sebagai berikut

Code:

D:\brother\HackSoft\Patator Bruteforce>patator_v0.3.py
Usage:
  $ ./patator.py module --help
or
  $ ln -s patator.py module
  $ ./module --help

Available modules:
  + ftp_login     : Brute-force FTP authentication
  + ssh_login     : Brute-force SSH authentication
  + telnet_login  : Brute-force Telnet authentication
  + smtp_login    : Brute-force SMTP authentication
  + smtp_vrfy     : Enumerate valid users using SMTP VRFY
  + smtp_rcpt     : Enumerate valid users using SMTP RCPT TO
  + http_fuzz     : Fuzz HTTP/HTTPS
  + pop_passd     : Brute-force poppassd authentication (http://netwinsite.com/p
oppassd/ not POP3)
  + smb_login     : Brute-force SMB authentication
  + ldap_login    : Brute-force LDAP authentication
  + mssql_login   : Brute-force MSSQL authentication
  + oracle_login  : Brute-force Oracle authentication
  + mysql_login   : Brute-force MySQL authentication
  + pgsql_login   : Brute-force PostgreSQL authentication
  + vnc_login     : Brute-force VNC authentication
  + dns_reverse   : Reverse lookup subnets
  + dns_forward   : Forward lookup subdomains
  + snmp_login    : Brute-force SNMP v1/2/3 authentication
  + unzip_pass    : Brute-force the password of encrypted ZIP files
  + keystore_pass : Brute-force the password of Java keystore files

lihat lagi untuk option modulnya misal ftp_login

Code:

Usage:
ftp_login host=10.0.0.1 user=FILE0 password=FILE1 0=logins.txt 1=passwords.txt -x ignore:mesg='Login incorrect.' -x ignore,reset,retry:code=500 -x reset:fgrep='Login successful'

Module options:
  host          : hostnames or subnets to target
  port          : ports to target [21]
  user          : usernames to test
  password      : passwords to test
  persistent    : use persistent connections [1|0]

* Allowed format in ()
* Allowed values in [] with the default value always listed first

Syntax:
-x actions:conditions

    actions    := action[,action]*
    action     := "ignore" | "retry" | "quit" | "reset"
    conditions := condition=value[,condition=value]*
    condition  := "code" | "size" | "mesg" | "fgrep" | "egrep"

    ignore      : do not report
    retry       : try payload again
    quit        : terminate execution now
    reset       : close current connection in order to reconnect for next probe

    code        : match status code
    size        : match size (N or N-M or N- or -N)
    mesg        : match message
    fgrep       : search for string
    egrep       : search for regex

For example, to ignore all redirects to the home page:
... -x ignore:code=302,fgrep='Location: /home.html'

-e tag:encoding

    tag        := any unique string (eg. T@G or _@@_ or ...)
    encoding   := "sha1" | "md5" | "hex" | "b64"

    sha1        : hash in sha1
    md5         : hash in md5
    hex         : encode in hexadecimal
    b64         : encode in base64

For example, to encode every password in base64:
... host=10.0.0.1 user=admin password=_@@_FILE0_@@_ -e _@@_:b64


Options:
  -h, --help           show this help message and exit

  Execution:
    -x arg             actions and conditions, see Syntax above
    --start=N          start from offset N in the wordlist product
    --stop=N           stop at offset N
    --resume=r1[,rN]*  resume previous run
    -e arg             encode everything between two tags, see Syntax above
    -C str             delimiter string in combo files (default is ':')
    -X str             delimiter string in conditions (default is ',')

  Optimization:
    --rate-limit=N     wait N seconds between tests (default is 0)
    --rate-reset=N     reset module every N tests (default is 0: never reset)
    --failure-delay=N  wait N seconds after a failure (default is 0.5)
    --max-retries=N    skip payload after N failures (default is 5) (-1 for
                       unlimited)
    -t N, --threads=N  number of threads (default is 10)

  Logging:
    -l DIR             save output and response data into DIR
    -L SFX             automatically save into DIR/yyyy-mm-dd/hh:mm:ss_SFX
                       (DIR defaults to '/tmp/patator')

  Debugging:
    -d, --debug        enable debug messages

wah ada contoh penggunaannya

Code:

ftp_login host=10.0.0.1 user=FILE0 password=FILE1 0=logins.txt 1=passwords.txt -x ignore:mesg='Login incorrect.' -x ignore,reset,retry:code=500 -x reset:fgrep='Login successful'

ayo mari kita coba sama sama ntar yang berhasil report yah

[betefive]

mf om,, ane lg gila ama brute force, dah bnyak tool ane siapin,
lawan ny mikrotik nih susah amirrrrrr,,
izin coba om jun..
wkwkwkwkwk

[Junior Riau]

mikrotik dilawan wkwkw ngeri itu

[betefive]

wkwkwk...
galau om..mac ane d banned.
wkwkwk...help help...g bsa connect lg..

[Junior Riau]

owalah,, mikrotik hotspot kampus???login mikrotik pake filter mac ya??

[betefive]

iy om..... gmn ni om?
trpksa plg dulu,, ol pk hp nih..
wkwkkwkwkwkwk

[Junior Riau]

sniff pass login n user login nya,,catat mac nya ganti mac mu dengan mc mereka ,,trus gunakan user mereka ,,wkkw
aman bukan? kalau kena ya user mereka yang dibanned,,bukan user kita,,itu cara ane "nakal" di hotspot kampus wkwkw

[ekawithoutyou]

sniff pass login n user login nya,,catat mac nya ganti mac mu dengan mc mereka ,,trus gunakan user mereka ,,wkkw
aman bukan? kalau kena ya user mereka yang dibanned,,bukan user kita,,itu cara ane "nakal" di hotspot kampus wkwkw

wkwkwkwkkw kejem ni anak kalo gue adminya udah gue jewer ni wkwkwkwk kabooeeerrrrrrrrrr sambil renang :tkp:

[Junior Riau]

wuaseeem -___-"

[ekawithoutyou]

wuaseeem -___-"

wkwkwkwkwkw ngacirrr takut ada yg jewerrrr :tkp: