• We just launched and are currently in beta. Join us as we build and grow the community.

Patator – A Brute Forcing Tool

gtaturismoboss

Altcoin Explorer
G
G Rep
0
0
0
Rep
0
G Vouches
0
0
0
Vouches
0
Posts
175
Likes
189
Bits
0
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 300 XP
White-Basic-Presentation-Template.png


Hey Folks, in this tutorial we are going to talk about another new brute forcing tool named “Patator“. Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings.

Let’s take a look 🙂 !!

Modules (Help)

It comes pre-installed in kali linux operating system, so we can boot it by entering the name of this tool. The help command will show all the modules available in this tool.

patator --help1patator--help

1-28.png

Check Usage of Particular Module

We have configured the FTP service running on port 21 on our virtual machine, so we will take the FTP module itself and try to get a valid username and password to login to the service by using a brute force attack. We can check the complete usage of any module by following the command.

Usage 🙂 !! patator < module name >

patator ftp_login1patator ftp_login

2-30.png

Guessing Username and Password

It will depend on you whether your dictionary is able to crack the password or not. But anyway similarly you can perform brute force attack on any service or website login. Below we have dropped a complete usage guide that you should consider.

Usage 🙂 !! patator < module > host= user=FILE0 password=FILE1 0=< username list > 1=< password list >

patator ftp_login host=192.168.1.9 user=FILE0 password=FILE1 0=/root/username.txt 1=/root/password.txt1patator ftp_login host=192.168.1.9user=FILE0 password=FILE10=/root/username.txt1=/root/password.txt

3-27-1024x454.png

Filters

Similarly if you do not want to print wrong combinations then you can take help of the below command.

Usage 🙂 !! patator < module > host= user=FILE0 password=FILE1 0=< username list > 1=< password list > -x ignore:mesg=’Login incorrect.’

patator ftp_login host=192.168.1.9 user=FILE0 password=FILE1 0=/root/username.txt 1=/root/password.txt -x ignore:mesg='Login incorrect.'1patator ftp_login host=192.168.1.9user=FILE0 password=FILE10=/root/username.txt1=/root/password.txt-xignore:mesg='Login incorrect.'

4-26.png

Brute forcing on Specific Port

As you can see the FTP service typically runs on port 21, but administrators have changed the port number due to increased security levels.

5-25.png


Done 🙂 !! But the tools also provide us with the following features, through which we can also perform brute force attacks on a specific port.

Usage 🙂 patator < module > host= port= user=FILE0 password=FILE1 0=< username list > 1=< password list > -x ignore:mesg=’Login incorrect.’

patator ftp_login host=192.168.1.9 port=2121 user=FILE0 password=FILE1 0=/root/username.txt 1=/root/password.txt -x ignore:mesg='Login incorrect.1patator ftp_login host=192.168.1.9port=2121user=FILE0 password=FILE10=/root/username.txt1=/root/password.txt-xignore:mesg='Login incorrect.

6-23.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

431,395

312,441

312,450

C Crackly22
Top