Brutus is one of the best past crackers, because he has a lot of possibilities.
It is used to crack the passwords of mailboxes on the POP3 protocols therefore, it also cracks the passwords of the sites on the FTP or even of the CGI… But let’s see how it works.
Here is how to use the software:
1> FTP: Crack an FTP server
http (basic auth): normal identification system, the software will find the form to crack on its own.
http (from): The same thing but with CGI this time.
POP 3: Cracking a mailbox.
TELNET: crack the site by telnet
SMD (Netbios): crack the netbios password
2> Here you enter the url or the IP of the target.
3>The port number, it depends on the protocol you are attacking…
4> this is used to hide behind a proxy, if this is the case you must meter the proxy’s ip but be aware that the cracking time will be longer .Otherwise I advise you to run it behind a socks with sockscap.
5> To know how many times to try again after each failed connection.
6> Put the identification of the person you are going to crack.
7> Put the identifier you just found if you check single user.
8> otherwise leave it like this.
9> So the most important, you can meter either:
– in wordlist, the fastest method and therefore the safest for cracking because we are quickly spotted, for that we attack the server with dictionary shots, of course we don’t does not make its wordlist all alone you can download it from the site.
-In brute force, the longest method but with this one we are sure to find, because it works like this AA-AB-AC-AD-AE-AF-AG-AH until you find your passwords.
-Combo list is used to make a txt like this:
But hey, frankly it’s not super :/
10> guess what it’s for :s
11> See what Brutus is doing live mwarf!!!
How to protect yourself from it?
It’s very simple you have to put a word that is not in a wordlist and that has more than 8 characters like:
Here is a password that can take 1million years to be cracked with a cpu clocked at 2ghz finally in 1 million years there will be new processors so that’s fine ;).