brute

package
v2.6.0
Published: Mar 17, 2026 License: MIT Imports: 52 Imported by: 0

Documentation

Constants

const DefaultCircuitBreakerThreshold = 5

DefaultCircuitBreakerThreshold is the number of consecutive connection failures before a host is considered unreachable and further attempts are skipped.

Functions

func IsRegistered added in v2.5.2

func IsRegistered(service string) bool

IsRegistered returns true if a service has a registered module.

func PlainAuth added in v2.5.2

func PlainAuth(identity, username, password, host string) smtp.Auth

func Register added in v2.5.2

func Register(service string, fn BruteFunc)

Register adds a brute-force module to the registry.

func Services added in v2.5.2

func Services() []string

Services returns a sorted list of all registered service names.

Types

type BruteFunc added in v2.5.2

type BruteFunc func(host string, port int, user, password string,
	timeout time.Duration, cm *modules.ConnectionManager,
	params ModuleParams) *BruteResult

BruteFunc is the unified signature for all brute-force modules.

func Lookup added in v2.5.2

func Lookup(service string) (BruteFunc, bool)

Lookup returns the module function for a service, if registered.

type BruteResult added in v2.5.2

type BruteResult struct {
	AuthSuccess       bool
	ConnectionSuccess bool
	Error             error         // underlying error for diagnostics
	Banner            string        // service banner if captured
	RetryDelay        time.Duration // if > 0, module requests this delay before next retry (e.g. VNC anti-brute)
	SkipUser          bool          // if true, skip remaining passwords for this user (e.g. FTP 530 user-not-found)
}

BruteResult captures the outcome of a single credential attempt including whether the connection itself succeeded (to distinguish auth failures from network failures).

func BruteAsterisk

func BruteAsterisk(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteFTP

func BruteFTP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteHTTP

func BruteHTTP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteHTTPForm added in v2.6.0

func BruteHTTPForm(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteHTTPForm brute-forces HTML login forms using configurable POST/GET requests with credential placeholders.

Required params:

url   — login form path (e.g., /login)
body  — POST body with %U/%W placeholders (e.g., user=%U&pass=%W)
fail  — failure string in response body (e.g., "Invalid credentials")

Optional params:

success      — success string (alternative to fail matching)
follow       — follow redirects (true/false, default false)
cookie       — custom cookie to send
content-type — default application/x-www-form-urlencoded
method       — POST (default) or GET
user-agent   — custom User-Agent
csrf         — CSRF token hidden field name (enables GET-before-POST)
form-url     — URL to GET for CSRF token (default: same as url)

func BruteIMAP

func BruteIMAP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteLDAP added in v2.5.2

func BruteLDAP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteMSSQL

func BruteMSSQL(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteMYSQL

func BruteMYSQL(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteMongoDB

func BruteMongoDB(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteNNTP

func BruteNNTP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteOracle

func BruteOracle(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BrutePOP3

func BrutePOP3(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BrutePostgres

func BrutePostgres(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteRDP

func BruteRDP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteRSH added in v2.6.0

func BruteRSH(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteRSH implements the rsh protocol (TCP port 514). Protocol: \0local_user\0remote_user\0command\0

func BruteRedis added in v2.5.2

func BruteRedis(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteRexec added in v2.6.0

func BruteRexec(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteRexec implements the rexec protocol (TCP port 512). Protocol: \0username\0password\0command\0

func BruteRlogin added in v2.6.0

func BruteRlogin(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteRlogin implements the rlogin protocol (TCP port 513). Protocol: \0local_user\0remote_user\0terminal/speed\0

func BruteSMB

func BruteSMB(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteSMTP

func BruteSMTP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteSMTPVRFY added in v2.6.0

func BruteSMTPVRFY(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteSMTPVRFY performs SMTP user enumeration via VRFY, EXPN, or RCPT TO. The username field is the address to verify; password is ignored.

func BruteSNMP

func BruteSNMP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteSSH

func BruteSSH(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteSVN added in v2.6.0

func BruteSVN(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteSVN brute-forces SVN repositories using HTTP Basic authentication. SVN over HTTP uses WebDAV (PROPFIND or OPTIONS), but a Basic auth check via GET/OPTIONS is sufficient for brute-forcing.

func BruteSocks5 added in v2.6.0

func BruteSocks5(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteSocks5 brute-forces SOCKS5 proxy authentication per RFC 1928/1929.

func BruteTeamSpeak

func BruteTeamSpeak(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteTelnet

func BruteTelnet(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteVMAuthd

func BruteVMAuthd(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteVNC

func BruteVNC(host string, port int, user string, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteWinRM added in v2.5.2

func BruteWinRM(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func BruteWrapper added in v2.6.0

func BruteWrapper(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

BruteWrapper executes an external command with credential placeholders. Placeholders: %H (host), %P (port), %U (user), %W (password). Exit code 0 = success. Requires params["cmd"] to be set. SECURITY: Requires --allow-wrapper flag (params["allow-wrapper"] == "true").
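The values substituted for %U and %W come from wordlists and must be treated as untrusted data on the operator's own machine. The following is an added example, not this package's code: `buildArgv` is a hypothetical helper, and the checker path is constructed. It enforces the allow-wrapper opt-in and splits the template into arguments before substituting, so a credential cannot add or split arguments.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// buildArgv is a hypothetical helper, not the package's implementation.
// It fails closed without the opt-in, tokenizes the template first, and only
// then expands placeholders inside each token.
func buildArgv(params map[string]string, host string, port int, user, pass string) ([]string, error) {
	if params["allow-wrapper"] != "true" {
		return nil, errors.New(`wrapper disabled: params["allow-wrapper"] is not "true"`)
	}
	fields := strings.Fields(params["cmd"])
	if len(fields) == 0 {
		return nil, errors.New(`wrapper requires params["cmd"]`)
	}
	if strings.Contains(fields[0], "%") {
		return nil, errors.New("placeholders are not allowed in the program name")
	}
	// Replacer works in a single pass: substituted text is never rescanned,
	// so a password that contains "%U" stays literal.
	r := strings.NewReplacer("%H", host, "%P", strconv.Itoa(port), "%U", user, "%W", pass)
	argv := make([]string, len(fields))
	for i, f := range fields {
		argv[i] = r.Replace(f)
	}
	return argv, nil
}

func main() {
	// Constructed input: a wordlist entry carrying spaces and shell metacharacters.
	params := map[string]string{
		"allow-wrapper": "true",
		"cmd":           "/usr/local/bin/check-login --host %H:%P --user %U --pass %W",
	}
	argv, err := buildArgv(params, "192.0.2.10", 8443, "alice", "pa ss; id #%U")
	fmt.Printf("%q %v\n", argv, err)
}
```

The resulting slice is meant for `exec.Command(argv[0], argv[1:]...)`, which starts the program without a shell. Arguments remain visible in the local process list, so the external checker should not run on a shared host.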

func BruteXMPP

func BruteXMPP(host string, port int, user, password string, timeout time.Duration, cm *modules.ConnectionManager, params ModuleParams) *BruteResult

func RunBrute

func RunBrute(h modules.Host, u string, p string, timeout time.Duration, maxRetries int, output string, socks5 string, netInterface string, domain string, cm *modules.ConnectionManager, params ModuleParams) BruteResult

func RunWithTimeout added in v2.5.2

func RunWithTimeout(timeout time.Duration, fn func(ctx context.Context) *BruteResult) *BruteResult

RunWithTimeout executes fn with the given timeout. If the function does not complete within the timeout, a result with ConnectionSuccess=false is returned. The context passed to fn will be cancelled on timeout, allowing cooperative cancellation inside the function.
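A sketch of the timeout behaviour described above, as an added example rather than the package's source. `result`, `runWithTimeout` and `slowProbe` are hypothetical stand-ins. It shows why the result channel is buffered and how a cooperative function observes cancellation.

```go
package main

import (
	"context"
	"fmt"
	"time"
)

// result is a stand-in for the two BruteResult fields used here.
type result struct{ AuthSuccess, ConnectionSuccess bool }

// runWithTimeout is an illustrative sketch of the documented behaviour.
func runWithTimeout(timeout time.Duration, fn func(ctx context.Context) *result) *result {
	ctx, cancel := context.WithTimeout(context.Background(), timeout)
	defer cancel()
	// Buffered so that a late fn can still send and exit instead of blocking
	// forever on a channel nobody reads (a goroutine leak per timed-out call).
	done := make(chan *result, 1)
	go func() { done <- fn(ctx) }()
	select {
	case r := <-done:
		return r
	case <-ctx.Done():
		return &result{ConnectionSuccess: false} // timeout reported as a connection failure
	}
}

// slowProbe simulates a peer that stalls for the given time. It cooperates
// with cancellation by returning as soon as ctx is done.
func slowProbe(stall time.Duration) func(context.Context) *result {
	return func(ctx context.Context) *result {
		select {
		case <-time.After(stall):
			return &result{ConnectionSuccess: true}
		case <-ctx.Done():
			return &result{} // deadline exceeded, stop work
		}
	}
}

func main() {
	fmt.Println(*runWithTimeout(time.Second, slowProbe(time.Millisecond)))
	fmt.Println(*runWithTimeout(20*time.Millisecond, slowProbe(time.Second)))
}
```

A function that ignores ctx keeps running after the caller has moved on. The timeout bounds the caller's wait, not the work.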

type CircuitBreaker added in v2.5.2

type CircuitBreaker struct {
	// contains filtered or unexported fields
}

CircuitBreaker tracks consecutive connection failures per host and trips (skips further attempts) after a threshold is reached.

func GetCircuitBreaker added in v2.5.2

func GetCircuitBreaker() *CircuitBreaker

GetCircuitBreaker returns the global circuit breaker instance.

func (*CircuitBreaker) IsTripped added in v2.5.2

func (cb *CircuitBreaker) IsTripped(hostKey string) bool

IsTripped returns true if the host has been marked unreachable. Always returns false when the circuit breaker is disabled.

func (*CircuitBreaker) RecordFailure added in v2.5.2

func (cb *CircuitBreaker) RecordFailure(hostKey string) bool

RecordFailure increments the consecutive failure counter for a host and trips the breaker if the threshold is reached. Returns true if tripped.

func (*CircuitBreaker) RecordSuccess added in v2.5.2

func (cb *CircuitBreaker) RecordSuccess(hostKey string)

RecordSuccess resets the consecutive failure counter for a host.

func (*CircuitBreaker) Reset added in v2.5.2

func (cb *CircuitBreaker) Reset(hostKey string)

Reset clears the circuit breaker state for a host.

func (*CircuitBreaker) SetDisabled added in v2.5.2

func (cb *CircuitBreaker) SetDisabled(disabled bool)

SetDisabled controls whether the circuit breaker is active.
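The real CircuitBreaker's fields are unexported, so the following added example is an illustrative stand-in, not the package's implementation. `breaker` and `attempts` are hypothetical names, and the outcome sequences are constructed. It assumes that disabling masks the tripped state rather than clearing the counters.

```go
package main

import (
	"fmt"
	"sync"
)

const threshold = 5 // same value as DefaultCircuitBreakerThreshold

type breaker struct {
	mu       sync.Mutex // workers for different hosts share one instance
	disabled bool
	failures map[string]int // consecutive connection failures per host key
}

func (b *breaker) RecordFailure(k string) bool {
	b.mu.Lock()
	defer b.mu.Unlock()
	b.failures[k]++
	return b.failures[k] >= threshold // true once the host is tripped
}

func (b *breaker) RecordSuccess(k string) { // resets the run of failures
	b.mu.Lock()
	defer b.mu.Unlock()
	delete(b.failures, k)
}

func (b *breaker) IsTripped(k string) bool {
	b.mu.Lock()
	defer b.mu.Unlock()
	return !b.disabled && b.failures[k] >= threshold // assumption: disabled masks state
}

// attempts replays constructed connection outcomes (true = connected) for one
// host key and returns how many were tried before the breaker skipped the rest.
func attempts(b *breaker, k string, outcomes []bool) (n int) {
	for n < len(outcomes) && !b.IsTripped(k) {
		if outcomes[n] {
			b.RecordSuccess(k)
		} else {
			b.RecordFailure(k)
		}
		n++
	}
	return n
}

func main() { fmt.Println(attempts(&breaker{failures: map[string]int{}}, "192.0.2.10:22", make([]bool, 8))) }
```

Only connection failures feed the counter. A rejected credential over a working connection is a success from the breaker's point of view, which is why BruteResult reports ConnectionSuccess separately from AuthSuccess.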

type ContextDialerWrapper

type ContextDialerWrapper struct {
	CM *modules.ConnectionManager
}

func (*ContextDialerWrapper) DialContext

func (cdw *ContextDialerWrapper) DialContext(ctx context.Context, network, address string) (net.Conn, error)

DialContext dials using the ConnectionManager and propagates the context deadline to the connection so that MongoDB operations respect timeouts (3.5 fix).

type ModuleParams added in v2.6.0

type ModuleParams map[string]string

ModuleParams carries per-module configuration such as auth method, domain, HTTPS flag, target path, etc. Modules read what they need and ignore the rest.
