-
Notifications
You must be signed in to change notification settings - Fork 315
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Crowbar
- Loading branch information
Showing
11 changed files
with
689 additions
and
65 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
Copyright (c) 2014 Gökhan ALKAN | ||
Permission is hereby granted, free of charge, to any person obtaining a | ||
copy of this software and associated documentation files (the | ||
"Software"), to deal in the Software without restriction, including | ||
without limitation the rights to use, copy, modify, merge, publish, | ||
distribute, sublicense, and/or sell copies of the Software, and to | ||
permit persons to whom the Software is furnished to do so, subject to | ||
the following conditions: | ||
|
||
The above copyright notice and this permission notice shall be included | ||
in all copies or substantial portions of the Software. | ||
|
||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | ||
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | ||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND | ||
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE | ||
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION | ||
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | ||
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
## Levye - Brute forcing tool for pentests | ||
|
||
|
||
### What is it? | ||
|
||
**Levye** (crowbar) is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools. | ||
Currently **Levye** supports | ||
- OpenVPN | ||
- SSH private key authentication | ||
+ VNC key authentication | ||
* Remote Desktop Protocol (RDP) with NLA support | ||
|
||
### Installation | ||
|
||
First you shoud install prerequisities | ||
``` | ||
# apt-get install openvpn xfreerdp vncviewer ssh | ||
``` | ||
|
||
Then get latest version from github | ||
``` | ||
# git clone https://github.com/galkan/levye | ||
``` | ||
|
||
|
||
### Usage | ||
|
||
**Brute forcing RDP** | ||
``` | ||
# ./levye.py -b rdp -s 172.16.1.12/32 -u Administrator -c pass.txt | ||
``` | ||
|
||
**Brute forcing SSH** | ||
``` | ||
# ./levye.py -b sshkey -s 127.0.0.1/32 -u root -p 22 -k id_rsa | ||
``` | ||
|
||
**Brute forcing VNC server** | ||
``` | ||
# ./levye.py -b vnckey -s 172.16.3.87/32 -p 5901 -c keys/vncpass | ||
``` | ||
|
||
**Brute forcing OpenVPN** | ||
``` | ||
# ./levye.py -b openvpn -s 172.16.1.100/32 -m server.ovpn -c pass.txt -u user.txt -k server.ca.crt -p 443 | ||
``` | ||
|
||
### Example output | ||
|
||
# cat levye.out | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
#!/usr/bin/env python | ||
|
||
|
||
try: | ||
from lib.main import Main | ||
except ImportError,e: | ||
import sys | ||
sys.stdout.write("%s\n" %e) | ||
sys.exit(1) | ||
|
||
## | ||
### Main | ||
## | ||
|
||
if __name__ == "__main__": | ||
|
||
crowbar = Main() | ||
crowbar.run(crowbar.args.brute) |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
class bcolors: | ||
OKBLUE = '\033[94m' | ||
OKGREEN = '\033[92m' | ||
ENDC = '\033[0m' | ||
|
||
def disable(self): | ||
self.OKBLUE = '' | ||
self.OKGREEN = '' | ||
self.ENDC = '' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,107 @@ | ||
|
||
try: | ||
import socket | ||
import struct | ||
import sys | ||
import re | ||
except ImportError,e: | ||
import sys | ||
sys.stdout.write("%s\n" %e) | ||
sys.exit(14) | ||
|
||
|
||
class InvalidIPAddress(ValueError): | ||
"The ip address given to ipaddr is improperly formatted" | ||
|
||
|
||
class IpRange: | ||
""" | ||
Derived from http://www.randomwalking.com/snippets/iprange.text | ||
""" | ||
|
||
def ipaddr_to_binary(self,ipaddr): | ||
q = ipaddr.split('.') | ||
return reduce(lambda a,b: long(a)*256 + long(b), q) | ||
|
||
|
||
def binary_to_ipaddr(self,ipbinary): | ||
return socket.inet_ntoa(struct.pack('!I', ipbinary)) | ||
|
||
|
||
def iprange(self, ipaddr): | ||
span_re = re.compile(r'''(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) # The beginning IP Address | ||
\s*-\s* | ||
(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) # The end IP Address | ||
''', re.VERBOSE) | ||
res = span_re.match(ipaddr) | ||
if res: | ||
beginning = res.group(1) | ||
end = res.group(2) | ||
return span_iprange(beginning, end) | ||
|
||
cidr_re = re.compile(r'''(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) # The IP Address | ||
/(\d{1,2}) # The mask | ||
''', re.VERBOSE) | ||
res = cidr_re.match(ipaddr) | ||
if res: | ||
addr = res.group(1) | ||
cidrmask = res.group(2) | ||
return self.cidr_iprange(addr, cidrmask) | ||
wild_re = re.compile(r'''(\d{1,3}|\*)\. | ||
(\d{1,3}|\*)\. | ||
(\d{1,3}|\*)\. | ||
(\d{1,3}|\*) # The IP Address | ||
''', re.VERBOSE) | ||
res = wild_re.match(ipaddr) | ||
if res: | ||
return wildcard_iprange(ipaddr) | ||
|
||
raise InvalidIPAddress | ||
|
||
|
||
def span_iprange(self, beginning, end): | ||
b = self.ipaddr_to_binary(beginning) | ||
e = ipaddr_to_binary(end) | ||
while (b <= e): | ||
yield binary_to_ipaddr(b) | ||
b = b + 1 | ||
|
||
|
||
def cidr_iprange(self, ipaddr, cidrmask): | ||
mask = (long(2)**long(32-long(cidrmask))) - 1 | ||
b = self.ipaddr_to_binary(ipaddr) | ||
e = self.ipaddr_to_binary(ipaddr) | ||
b = long(b & ~mask) | ||
e = long(e | mask) | ||
while (b <= e): | ||
yield self.binary_to_ipaddr(b) | ||
b = b + 1 | ||
|
||
|
||
def wildcard_iprange(ipaddr): | ||
beginning = [] | ||
end = [] | ||
|
||
tmp = ipaddr.split('.') | ||
for i in tmp: | ||
if i == '*': | ||
beginning.append("0") | ||
end.append("255") | ||
else: | ||
beginning.append(i) | ||
end.append(i) | ||
b = beginning[:] | ||
e = end[:] | ||
|
||
while int(b[0]) <= int(e[0]): | ||
while int(b[1]) <= int(e[1]): | ||
while int(b[2]) <= int(e[2]): | ||
while int(b[3]) <= int(e[3]): | ||
yield b[0] + '.' + b[1] + '.' + b[2] + '.' + b[3] | ||
b[3] = "%d" % (int(b[3]) + 1) | ||
b[2] = "%d" % (int(b[2]) + 1) | ||
b[3] = beginning[3] | ||
b[1] = "%d" % (int(b[1]) + 1) | ||
b[2] = beginning[2] | ||
b[0] = "%d" % (int(b[0]) + 1) | ||
b[1] = beginning[1] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
|
||
try: | ||
import logging | ||
import os.path | ||
except ImportError,e: | ||
import sys | ||
sys.stdout.write("%s\n" %e) | ||
sys.exit(1) | ||
|
||
|
||
class Logger: | ||
|
||
def __init__(self, log_file, output_file): | ||
|
||
|
||
self.logger_log = logging.getLogger('log_file') | ||
self.logger_log.setLevel(logging.INFO) | ||
|
||
handler_log = logging.FileHandler(os.path.join(".", log_file),"a", encoding = None, delay = "true") | ||
handler_log.setLevel(logging.INFO) | ||
formatter = logging.Formatter("%(asctime)s %(message)s", "%Y-%m-%d %H:%M:%S") | ||
handler_log.setFormatter(formatter) | ||
self.logger_log.addHandler(handler_log) | ||
|
||
|
||
self.logger_output = logging.getLogger('output_file') | ||
self.logger_output.setLevel(logging.INFO) | ||
|
||
handler_out = logging.FileHandler(os.path.join(".", output_file),"a", encoding = None, delay = "true") | ||
handler_out.setLevel(logging.INFO) | ||
formatter = logging.Formatter("%(asctime)s %(message)s", "%Y-%m-%d %H:%M:%S") | ||
handler_out.setFormatter(formatter) | ||
self.logger_output.addHandler(handler_out) | ||
|
||
consoleHandler = logging.StreamHandler() | ||
consoleHandler.setFormatter(formatter) | ||
self.logger_output.addHandler(consoleHandler) | ||
|
||
|
||
|
||
def log_file(self , message): | ||
|
||
self.logger_log.critical(message) | ||
|
||
|
||
def output_file(self, message): | ||
|
||
self.logger_output.critical(message) |
Oops, something went wrong.