{"id":15375172,"url":"https://github.com/matricali/cbrutekrag","last_synced_at":"2025-03-17T15:12:47.916Z","repository":{"id":80874464,"uuid":"115204964","full_name":"matricali/cbrutekrag","owner":"matricali","description":"Penetration tests on SSH servers using brute force or dictionary attacks. Written in C.","archived":false,"fork":false,"pushed_at":"2024-08-16T01:31:49.000Z","size":375,"stargazers_count":172,"open_issues_count":2,"forks_count":26,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-03-03T23:50:00.071Z","etag":null,"topics":["brute-force","bruteforce","c","command-line-tool","dictionary-attack","dictionary-attacks","ethical-hacking","honeypot-detector","libssh","multithreading","penetration-testing","penetration-tests","pentesting","port-scanner","ssh","ssh-bruteforce","ssh-client","ssh-server","ssh-servers"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/matricali.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["matricali"],"patreon":"matricali"}},"created_at":"2017-12-23T15:40:04.000Z","updated_at":"2025-01-03T21:52:09.000Z","dependencies_parsed_at":null,"dependency_job_id":"99517796-b1d6-4a8e-82a5-5f5dccfcf126","html_url":"https://github.com/matricali/cbrutekrag","commit_stats":{"total_commits":181,"total_committers":1,"mean_commits":181.0,"dds":0.0,"last_synced_commit":"4fc29490955c3f71b8c1338cb4a53d9b4cee38be"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matricali%2Fcbrutekrag","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matricali%2Fcbrutekrag/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matricali%2Fcbrutekrag/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matricali%2Fcbrutekrag/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/matricali","download_url":"https://codeload.github.com/matricali/cbrutekrag/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244056425,"owners_count":20390719,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brute-force","bruteforce","c","command-line-tool","dictionary-attack","dictionary-attacks","ethical-hacking","honeypot-detector","libssh","multithreading","penetration-testing","penetration-tests","pentesting","port-scanner","ssh","ssh-bruteforce","ssh-client","ssh-server","ssh-servers"],"created_at":"2024-10-01T14:01:48.439Z","updated_at":"2025-03-17T15:12:47.888Z","avatar_url":"https://github.com/matricali.png","language":"C","funding_links":["https://github.com/sponsors/matricali","https://patreon.com/matricali"],"categories":[],"sub_categories":[],"readme":"[![license](https://img.shields.io/github/license/matricali/cbrutekrag.svg)](https://matricali.mit-license.org/2014)\n[![GitHub contributors](https://img.shields.io/github/contributors/matricali/cbrutekrag.svg)](https://github.com/matricali/cbrutekrag/graphs/contributors) [![Build](https://github.com/matricali/cbrutekrag/actions/workflows/build.yml/badge.svg)](https://github.com/matricali/cbrutekrag/actions/workflows/build.yml)\n[![Static Build](https://github.com/matricali/cbrutekrag/actions/workflows/static-build.yml/badge.svg)](https://github.com/matricali/cbrutekrag/actions/workflows/static-build.yml)\n[![Windows Build](https://github.com/matricali/cbrutekrag/actions/workflows/windows-build.yml/badge.svg?branch=master)](https://github.com/matricali/cbrutekrag/actions/workflows/windows-build.yml)\n[![Latest stable release](https://img.shields.io/badge/dynamic/json.svg?label=stable\u0026url=https%3A%2F%2Fapi.github.com%2Frepos%2Fmatricali%2Fcbrutekrag%2Freleases%2Flatest\u0026query=%24.name\u0026colorB=blue)](https://github.com/matricali/cbrutekrag/releases/latest)\n\n# cbrutekrag\nPenetration tests on SSH servers using dictionary attacks. Written in _C_.\n\n\u003e _brute krag_ means \"brute force\" in afrikáans\n\n## Disclaimer\n\u003eThis tool is for ethical testing purpose only.\n\u003ecbrutekrag and its owners can't be held responsible for misuse by users.\n\u003eUsers have to act as permitted by local law rules.\n\n## Run\n\n```bash\n$ cbrutekrag -h\n _ _ _\n | | | | | |\n ___ | |__ _ __ _ _| |_ ___| | ___ __ __ _ __ _\n / __|| '_ \\| '__| | | | __/ _ \\ |/ / '__/ _` |/ _` |\n| (__ | |_) | | | |_| | || __/ \u003c| | | (_| | (_| |\n \\___||_.__/|_| \\__,_|\\__\\___|_|\\_\\_| \\__,_|\\__, |\n OpenSSH Brute force tool 0.6.0 __/ |\n (c) Copyright 2014-2024 Jorge Matricali |___/\n\n https://github.com/matricali/cbrutekrag\n\n\nusage: ./cbrutekrag [-h] [-v] [-aA] [-D] [-P] [-T TARGETS.lst] [-C credentials.lst]\n [-t THREADS] [-f OUTPUT FORMAT] [-o OUTPUT.txt] [-F SCAN OUTPUT FORMAT] [-O SCAN_OUTPUT.txt] [TARGETS...]\n\n-h, --help This help\n-v, --verbose Verbose mode\n-V, --verbose-sshlib Verbose mode (sshlib)\n-s, --scan Scan mode\n-D, --dry-run Dry run\n-P, --progress Progress bar\n-T, --targets \u003cfile\u003e Targets file\n-C, --credentials \u003cfile\u003e Username and password file\n-t, --threads \u003cthreads\u003e Max threads\n-o, --output \u003cfile\u003e Output log file\n-F, --format \u003cpattern\u003e Output log format\n Available placeholders:\n %DATETIME%, %HOSTNAME%\n %PORT%, %USERNAME%, %PASSWORD%\n-O, --scan-output \u003cfile\u003e Output log file for scanner\n-F, --scan-format \u003cpattern\u003e Output log format for scanner\n Available placeholders:\n %DATETIME%, %HOSTNAME%\n %PORT%, %BANNER%.\n Default:\n \"%HOSTNAME%:%PORT%\\t%BANNER%\\n\"\n-a, --allow-non-openssh Accepts non OpenSSH servers\n-A, --allow-honeypots Allow servers detected as honeypots\n --timeout \u003cseconds\u003e Sets connection timeout (Default: 3)\n --check-http \u003chost\u003e Tries to open a TCP Tunnel after successful login\n```\n\n## Example usages\n```bash\ncbrutekrag -T targets.txt -C combinations.txt -o result.log\ncbrutekrag -s -t 8 -C combinations.txt -o result.log 192.168.1.0/24\n```\n\n### Supported targets syntax\n\n* 192.168.0.1\n* 10.0.0.0/8\n* 192.168.100.0/24:2222\n* 127.0.0.1:2222\n\n### Combinations file format\n```\nroot root\nroot password\nroot $BLANKPASS\n$TARGET root\nroot $TARGET\n```\n\n#### Combinations file placeholders\n\n|Placeholder|Purpose|As password| As username|\n|------------|------|-----------|------------|\n|$BLANKPASS|Blank password|✔️|-|\n|$TARGET|Use hostname or IP as a password|✔️|✔️|\n\n### Customizable output format\n\nOutput format can be easily customizable using the command line option `-f`\n\nExample: `./cbrutekrag -f \"%HOSTNAME%:%PORT%|%USERNAME%|%PASSWORD%\\n\"`, which\nproduces an output like:\n\n```\n192.168.0.100:22|root|toor\n192.168.0.105:22|ubnt|ubnt\n```\n\n#### Default value\n\n`%DATETIME%\\t%HOSTNAME%:%PORT%\\t%USERNAME%\\t%PASSWORD%\\n`\n\n```\n2024/04/01 13:05:13 192.168.0.100:22 root admin\n```\n\n#### Placeholders\n\n|Placeholder|Description |Example |\n|-----------|----------------------------------|-------------------|\n|%DATETIME% |Replaced by `Y/m/d HH:ii:ss` date |2024/04/01 12:46:27|\n|%HOSTNAME% |Replaced by hostname or IPv4 |192.168.0.100 |\n|%PORT% |Replaced by connection port |22 |\n|%USERNAME% |Replaced by username used |root |\n|%PASSWORD% |Replaced by password used |admin |\n|\\n |Replaced by LF | |\n|\\t |Replaced by TAB | |\n\n### Customizable output format for scanner\n\nOutput format can be easily customizable using the command line option `-F`\n\nExample: `./cbrutekrag -F \"%HOSTNAME%\\t%PORT%\\t%BANNER%\\n\"`, which\nproduces an output like:\n\n```\n192.168.0.100 22 SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2\n192.168.0.105 22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2\n```\n\n#### Default value\n\n`%HOSTNAME%:%PORT%\\t%BANNER%\\n`\n\n```\n192.168.0.100:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2\n```\n\n#### Placeholders\n\n|Placeholder|Description |Example |\n|-----------|----------------------------------|-------------------|\n|%DATETIME% |Replaced by `Y/m/d HH:ii:ss` date |2024/04/01 12:46:27|\n|%HOSTNAME% |Replaced by hostname or IPv4 |192.168.0.100 |\n|%PORT% |Replaced by connection port |22 |\n|%BANNER% |Replaced by server banner |SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2|\n|\\n |Replaced by LF | |\n|\\t |Replaced by TAB | |\n\n## Requirements\n**cbrutekrag** uses **libssh** - The SSH Library (http://www.libssh.org/)\n\n## Build\n\nRequirements:\n\n* `make`\n* `gcc` compiler\n* `libssh-dev`\n\n```bash\ngit clone --depth=1 https://github.com/matricali/cbrutekrag.git\ncd cbrutekrag\nmake\nmake install\n```\n\n## Static build\n\nRequirements:\n\n* `cmake`\n* `gcc` compiler\n* `make`\n* `libssl-dev`\n* `libz-dev`\n\n```bash\ngit clone --depth=1 https://github.com/matricali/cbrutekrag.git\ncd cbrutekrag\nbash static-build.sh\nmake install\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatricali%2Fcbrutekrag","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatricali%2Fcbrutekrag","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatricali%2Fcbrutekrag/lists"}