||This is the BAD file for cracking NetBus authentication, [This file is
included with the Brutus AET2 zip file.
|Example su root
||This is an example BAD file showing how to attack the root password from
an existing user account using the 'su' command within a telnet session.
You will need to change the unprivledged username and password in the
||This is a BAD file for attacking the console password on a Cisco router,
it should work with any Cisco that uses the default prompts. Most Cisco
routers do NOT like multiple telnet connections (you can do 2 on a good
||This is a BAD file for attacking the console enable password on a Cisco
router, it should work with any Cisco that uses the default prompts. Since
this particular type will maintain telnet connections to the target router
you should be able to do 3 connections at a time. Using 3 connections I
generally achieve 60-65 attempts per second, on a dial-up you should still
be able to get 50 attempts per second. NOTE : The cisco console password
is set to 'cisco' in this BAD file, change it as necessary.
|Shiva LANRover (console)
||This is a BAD file for username/passwords on a Shiva LANRover access
server. These are common in many organisations that offer remote dial-in
access. I have only tried this BAD file a few times but it works
|NNTP (News Servers)
||This is a BAD file for attacking the authentication scheme used in NNTP
servers (e.g. Usenet servers), it is not yet tested but should work
|SMTP VeRiFY Users
||Mmmm, why not? Saw a little skript on packetstorm to trawl through a
user list attempting to identify valid users using an SMTP server. This
BAD file allows Brutus to do this. Just point it at the target SMTP server
and load your user list into the password file. This uses the SMTP VRFY
command which should be disabled on the target but often is not.
|SMTP ReCiPienT Users
||As above except that this uses the SMTP RCPT command which is used to
specify the mail recipient. You may need to modify the authentication
sequence by adding '@whatever.com' in the password post-fix slot.