Kali Linux

BruteLoops : Protocol Agnostic Online Password Guessing API

BruteLoops is a dead simple library providing the foundational logic for efficient password brute force attacks against authentication interfaces.

See various Wiki sections for more information.

A “modular” example is included with the library that demonstrates how to use this package. It’s fully functional and provides multiple brute force modules. Below is a sample of its capabilities:

http.accellion_ftp Accellion FTP HTTP interface login module
http.basic_digest Generic HTTP basic digest auth
http.basic_ntlm Generic HTTP basic NTLM authentication
http.global_protect
Global Protect web interface
http.mattermost Mattermost login web interface
http.netwrix Netwrix web login
http.okta Okta JSON API
http.owa2010 OWA 2010 web interface
http.owa2016 OWA 2016 web interface
smb.smb Target a single SMB server
testing.fake Fake authentication module for training/testing

Key Features

  • Protocol agnostic – If a callback can be written in Python, BruteLoops can be used to attack it
  • SQLite support – All usernames, passwords, and credentials are maintained in an SQLite database.
    • A companion utility (dbmanager.py) that creates and manages input databases accompanies BruteLoops
  • Spray and Stuffing Attacks in One Tool – BruteLoops supports both spray and stuffing attacks in the same attack logic and database, meaning that you can configure a single database and run the attack without heavy reconfiguration and confusion.
  • Guess scheduling – Each username in the SQLite database is configured with a timestamp that is updated after each authentication event. This means we can significantly reduce likelihood of locking accounts by scheduling each authentication event with precision.
  • Fine-grained configurability to avoid lockout events – Microsoft’s lockout policies can be matched 1-to-1 using BruteLoop’s parameters:
    • auth_threshold = Lockout Threshold
    • max_auth_jitter = Lockout Observation Window
    • Timestampes associated with each authentication event are tracked in BruteLoops’ SQLite database. Each username receives a distinct timestamp to assure that authentication events are highly controlled.
  • Attack resumption – Stopping and resuming an attack is possible without worrying about losing your place in the attack or locking accounts.
  • Multiprocessing – Speed up attacks using multiprocessing! By configuring the`parallel guess count, you’re effectively telling BruteLoops how many usernames to guess in parallel.
  • Logging – Each authentication event can optionally logged to disk. This information can be useful during red teams by providing customers with a detailed attack timeline that can be mapped back to logged events.

Dependencies

BruteLoops requires Python3.7 or newer and SQLAlchemy 1.3.0, the latter of which can be obtained via pip and the requirements.txt file in this repository: python3.7 -m pip install -r requirements.txt

Installation

git clone https://github.com/arch4ngel/bruteloops
cd bruteloops
python3 -m pip install -r requirements.txt

How do I use this Damn Thing?

Jeez, alright already…we can break an attack down into a few steps:

  • Find an attackable service
  • If one isn’t already available in the example.py[1] directory, build a callback
  • Find some usernames, passwords, and credentials
  • Construct a database by passing the authentication data to dbmanager.py[2]
  • If relevant, Enumerate or request the AD lockout policy to intelligently configure the attack
  • Execute the attack in alignment with the target lockout policy[1][3][4]
R K

Recent Posts

cp Command: Copy Files and Directories in Linux

The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…

1 week ago

Image OSINT

Introduction In digital investigations, images often hold more information than meets the eye. With the…

1 week ago

cat Command: Read and Combine File Contents in Linux

The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…

1 week ago

Port In Networking

What is a Port? A port in networking acts like a gateway that directs data…

1 week ago

ls Command: List Directory Contents in Linux

The ls command is fundamental for anyone working with Linux. It’s used to display the files and…

1 week ago

pwd Command: Find Your Location in Linux

The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…

1 week ago