概述
我们在做企业安全时,弱口令检测是系统/网络安全的最基础的部分之一,根据经验,经常会出现弱口令的服务如下:
FTP
SSH
SMB
MYSQL
MSSQL
POSTGRESQL
REDIS
MONGODB
ELASTICSEARCH
使用参数
hartnett at hartnettdeMacBook-Pro in /data/code/golang/src/x-crack (master)$ ./x-crack
NAME:
x-crack - Weak password scanner, Support: FTP/SSH/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB
USAGE:
x-crack [global options] command [command options] [arguments...]
VERSION:
20171227
AUTHOR(S):
netxfly <[email protected]>
COMMANDS:
scan start to crack weak password
dump dump result to a text file
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--debug, -d debug mode
--timeout value, -t value timeout (default: 5)
--scan_num value, -n value thread num (default: 5000)
--ip_list value, -i value iplist (default: "iplist.txt")
--user_dict value, -u value user dict (default: "user.dic")
--pass_dict value, -p value password dict (default: "pass.dic")
--outfile value, -o value scan result file (default: "x_crack.txt")
--help, -h show help
--version, -v print the version
使用截图
文章来源:
https://github.com/netxfly/x-crack
推荐文章++++