Crowbar - Brute forcing tool supported by thc-hydra and Other Popular

Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

Crowbar (formally known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key(s). This allows for any private keys that have been obtained during penetration tests, to be used to attack other SSH servers.

Currently Crowbar supports:

• OpenVPN (-b openvpn)
• Remote Desktop Protocol (RDP) with NLA support (-b rdp)
• SSH private key authentication (-b sshkey)
• VNC key authentication (-b vpn)

Installation

Install all the dependencies:

apt-get -y install openvpn freerdp-x11 vncviewer

Then get latest version from GitHub:

git clone https://github.com/101Scratch/crowbar.git

Note: The RDP client package depends on your OS:

• Debian 7/8 & Kali 1/2 uses freerdp-x11 package.
• Else you can try xfreerdp.
• Else you may need to compile & tweak freerdp by following: http://opentechnotes.blogspot.co.uk/2015/02/compile-headless-freerdp-credential-checking.html

Don't forget to edit the script to point to the new binary!

./crowbar.py -b rdp -u DOMAIN\\gokhan alkan -c Aa123456 -s 10.68.35.150/32
2015-03-28 11:03:39 RDP-SUCCESS : 10.68.35.150:3389 - "DOMAIN\gokhan alkan":Aa123456

./crowbar.py -b rdp -u gokhan alkan@ornek -c Aa123456 -s 10.68.35.150/32
2015-03-28 11:04:00 RDP-SUCCESS : 10.68.35.150:3389 - "gokhan alkan@DOMAIN":Aa123456

./crowbar.py -b rdp -s 192.168.2.182/32 -u admin -c Aa123456

./crowbar.py -b openvpn -s 198.7.62.204/32 -p 443 -m /root/Desktop/vpnbook.ovpn -k /root/Desktop/vpnbook_ca.crt -u vpnbook -c cr2hudaF