Skip to main content

t14m4t is an automated brute-forcing attack FTP & SSH

 README.md

t14m4t

t14m4t is an automated brute-forcing attack tool, wrapper of THC-Hydra and Nmap Security Scanner.


t14m4t is scanning an user defined target (or a document containing targets) for open ports of services supported by t14m4t, and then starting brute-forcing attack against the services running on discovered ports, using lists of most commonly used weak credentials.


Installation:

Installation consists of cloning the repo, running a script that will install dependencies (Debian and Arch only) or installing them manually, and making t14m4t executable. THC-Hydra and Nmap Security Scanner are required in order to run t14m4t.


# git clone https://github.com/MS-WEB-BN/t14m4t/

# cd t14m4t

# sudo bash install.sh

# sudo chmod +x t14m4t

t14m4t can also be installed from Demon App Store on Demon Linux.


Usage:

The only parameter t14m4t requires is the target identification. Target parameter can also be a file, where each target is separated by return. Number of threads if optional parameter, ranging from 1 to 64. If not defined, t14m4t runs the attack with 16 (default) threads.


# ./t14m4t <target> <number of threads>

Example:


# ./t14m4t 192.168.0.1 32

# ./t14m4t /targets/targetlist.txt 32

Supported services:

FTP | SSH | Telnet | SMTP | HTTP | POP3 | SMB | SNMP | LDAP | HTTPS | rexec | rlogin | rsh | IMAP | mssql | mysql | postgres | oracle | RDP | VNC | IRC


Demo:

asciicast


License:

The software is free to use, modify and distribute, as long as the credit is given to the creator (n1x_ [MS-WEB]).


Disclaimer:

Any actions and/or activities done by using t14m4t are solely your responsibility. The misuse of t14m4t can result in criminal charges brought against the persons in question. The author will not be held responsible in the event any criminal charges be brought against any individuals misusing t14m4t to break the law.


Contribution note:

Each of the scripts/tools/programs hosted here are made as a part of MS-WEBs cyber security courses, aimed toward beginners, therefore are purely educational and/or demonstrational, and are meant to stay that way, even if wider audience and real world usage are reached. All pauses present in code are there so that the user can read the output, so the action that is running is understood.


All pull requests removing such pauses, or parts of output are against the educational purpose, and will not be accepted.

Comments

Post a Comment

Popular posts from this blog

RouterSploit ..(Exploitation Framework for Embedded Devices)

RouterSploit - Exploitation Framework for Embedded Devices   The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. click here to video It consists of various modules   that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against network services scanners - modules that check if a target is vulnerable to any exploit payloads - modules that are responsible for generating payloads for various architectures and injection points generic - modules that perform generic attacks Installation Requirements Required: future requests paramiko pysnmp pycrypto Optional: bluepy - bluetooth low energy Installation on Kali Linux apt-get install python3-pip git clone https://www.github.com/threat9/routersploit cd routersploit python3 -m pip install -r requirements.txt python3 rsf.py Bluetooth Low Energy suppo...
Post a Comment
Read more

Embed Payload (Exe) into a PDF Documents – EvilPDF

 Hey folks, today we are going to talk about the tool that can easily add malicious payloads within the .PDF extension files and after which you can easily access any system. As we know it is prohibited to execute malicious payloads inside the window defender system, hence we will send our payload through the PDF files.   Environment Kali Linux = Attacker Window 10 = Victim ( Tested On ) Lets take a look 🙂 !! EvilPDF The EvilPDF tool is specifically designed to embed payloads inside PDF files. It is an open source tool hosted on the github page that we will download using the wget command. git clone https://github.com/thelinuxchoice/evilpdf cd evilpdf 1 2 git clone https://github.com/thelinuxchoice/evilpdf cd evilpdf It require some additional features that we can download using the following command. python -m pip install pypdf2 1 python -m pip install pypdf2 Now we can use this tool using the given command. python evilpdf.py 1 python evilpdf.py In the image below you have t...
Post a Comment
Read more

TheFatRat ( make a bypass antivirus create payload )

TheFatRat             A Massive Exploiting Tool TheFatRat  is an exploiting tool which compiles a malware with famous payload, and then the compiled maware can be executed on Linux , Windows , Mac and Android.  TheFatRat  Provides An Easy way to create Backdoors and Payload which can bypass most anti-virus. Features ! Fully Automating MSFvenom & Metasploit. Local or remote listener Generation. Easily Make Backdoor by category Operating System. Generate payloads in Various formats. Bypass anti-virus backdoors. File pumper that you can use for increasing the size of your files. The ability to detect external IP & Interface address . Automatically creates AutoRun files for USB / CDROM exploitation Installation Instructions on how to install  TheFatRat git clone https://github.com/Screetsec/TheFatRat.git cd TheFatRat chmod +x setup.sh && ./setup.sh Update cd TheFatRat ./update && c...
Post a Comment
Read more