Weak passwords is a well known vulnerability, due to this most of the corp orates are compromised. Lots of people use weak passwords that can be brute forced and plain text can be obtained.

Hashes are generated by single-way mathematical algorithms, that means they can't be reversed. So the only way to crack is to brute force them.

In today's tutorial we will learn how we can break password hashes by brute force using patator from our Kali Linux.

Sometimes, it is possible we have the usernames but we went to try brute forcing the password. Patator is an awesome tool that allows us to brute force several types of logins and even ZIP passwords.

To see all the options we fire up our terminal window and run following command:-
patator -h

The output of the preceding command shows in following screenshot:


Let's try to brute force an FTP login (We can scan target host using scanning tools like nmap and find open FTP ports).
patator ftp_login

The screenshot is following:


Now we can set the host, user file and password file and run the module using following command :
patator ftp_login host= user=path/of/user-list.txt password=/path/of/ftp_pass.txt

The following screenshot shows the output of the preceding command:


If we get the access this will stop running and show us the result.

Not only FTP login patator can brute force in various types of logins:
  • ftp_login : Brute Force FTP
  • ssh_login : Brute Force SSH
  • telnet_login : Brute Force Telnet
  • smtp_login : Brute Force SMTP
  • smtp_vrfy : Enumerate valid users using SMTP VRFY
  • smtp_rcpt : Enumerate valid users using SMTP RCPT TO
  • finger_lookup : Enumerate valid users using Finger
  • http_fuzz : Brute Force HTTP
  • ajp_fuzz : Brute Force AJP
  • pop_login : Brute Force POP3
  • pop_passd : Brute Force poppassd
  • imap_login : Brute Force IMAP4
  • ldap_login : Brute Force LDAP
  • smb_login : Brute Force SMB
  • smb_lookupsid : Brute Force SMB SID-lookup
  • rlogin_login : Brute Force rlogin
  • vmauthd_login : Brute Force VMware Authentication Deamon
  • mssql_login : Brute Force MSSQL
  • oracle_login : Brute Force Oracle
  • mysql_login : Brute Force MYSQL
  • mysql_query : Brute Force MySQL queries
  • rdp_login : Brute Force RDP (NLA)
  • pgsql_login : Brute Force PostgreSQL
  • vnc_login : Brute Force VNC
  • dns_forward : Forward DNS lookup
  • dns_reverse : Reverse DNS lookup
  • snmp_login : Brute Force SNMP v 1/2/3
  • ike_enum : Brute Force IKE transforms
  • unzip_pass : Brute Force the password of encrypted ZIP files
  • keystore_pass : Brute Force the password of Java keystore files
  • sqlcipher_pass : Brute Force the password of SQLCipher database
  • unbraco_crack : Crack Umbraco HMAC-SH1 password hashes
  • tcp_fuzz : Fuzz TCP services
  • dummy_test : Testing Module
In this way we can run brute force attack on such many kinds of logins using patator in our Kali Linux system. If you liked us Then Follow us on Twitter.