爆破工具安装-centos6.10 神奇hydra\medusa\patator安装
因实验需要,需要在现有机器上安装hydra、medusa、patator等爆破工具
一、安装hydra
(参考:https://bugging.com.cn/2018/05/16/centos6-%E5%AE%89%E8%A3%85hydra/)
1.从GitHub下载安装包:https://github.com/vanhauser-thc/thc-hydra/releases
2.tar xvf 解压
3.进入解压目录: 一顿操作(1) ./configure (2)make (3)make install
期间会出现错误,根据参考文章进行修改,vim hydra-svn.c
原第85-89行内容:
//if ((err = svn_client_create_context(&ctx, pool))) {
if ((err = svn_client_create_context2(&ctx, NULL, pool))) {
svn_handle_error2(err, stderr, FALSE, "hydra: ");
return 4;
}
修改后:
if ((err = svn_client_create_context(&ctx, pool))) {
//if ((err = svn_client_create_context2(&ctx, NULL, pool))) {
svn_handle_error2(err, stderr, FALSE, "hydra: ");
return 4;
}
原第109/110行内容:
//err = svn_client_list2(canonical, &revision, &revision, svn_depth_unknown, dirents, FALSE, print_dirdummy, NULL, ctx, pool);
err = svn_client_list3(canonical, &revision, &revision, svn_depth_unknown, dirents, FALSE, FALSE, (svn_client_list_func2_t) print_dirdummy, NULL, ctx, pool);
修改后:
err = svn_client_list2(canonical, &revision, &revision, svn_depth_unknown, dirents, FALSE, print_dirdummy, NULL, ctx, pool);
//err = svn_client_list3(canonical, &revision, &revision, svn_depth_unknown, dirents, FALSE, FALSE, (svn_client_list_func2_t) print_dirdummy, NULL, ctx, pool);
然后再一顿操作安装即可通过。
发现目前release版本还没支持RDP协议,只好安装老版本了:
wget https://github.com/vanhauser-thc/THC-Archive/raw/master/Tools/hydra-7.4.2.tar.gz
二、medusa
(参考:https://bugging.com.cn/2018/05/17/centos6-%E5%AE%89%E8%A3%85medusa/)
1.下载:https://github.com/jmk-foofus/medusa/releases
2. 一顿安装操作即可通过。
装完才发现medusa没有RDP模块。。
三、patator
(参考:https://www.cnblogs.com/bonelee/p/9322684.html)
随后搜索发现patator工具,可以对RDP协议进行暴力破解
1.下载:https://github.com/lanjelot/patator ,git clone即可
2. 安装:报错了。。。
error:command 'gcc' failed with exit status 1
以及 psycopg 需要PostgreSQL的client 版本>9.1
后来根据(https://www.cnblogs.com/wuzhiblog/p/6375796.html?utm_source=itdadao&utm_medium=referral)一文表示python-dev版本不对。
而psycopg2 需要python2.7以上,目前是centos6.10 只有python2.6 .。。
好吧,只好升级python了:
3.升级python(从2.6 TO 2.7.9)
【参考:https://www.cnblogs.com/yanzi-meng/p/8338469.html and https://blog.csdn.net/weixin_42350212/article/details/80556292】
3.1安装前准备:
3.1.1.安装Development Tools
yum groupinstall -y 'development tools'3.2 下载python2.7版本:wget https://www.python.org/ftp/python/2.7.9/Python-2.7.9.tar.xz (以2.7.9为例)
3.3 解压:tar -Jxvf Python-2.7.9.tar.xz
3.4安装:注意路径对应(1)新建文件:mkdir /usr/local/python279
(2)进入解压文件cd /usr/src/Python-2.7.9/
输入安装命令: ./configure --prefix=/usr/local/python279 && make && make install
(3) 移走当前python软链: mv /usr/bin/python /usr/bin/python26
(4)新建软连:ln -s /usr/local/python279/bin/python2.7 /usr/bin/python
(5)解决yum冲突,yum还是依赖2.6版本的python:
编辑vim /usr/bin/yum , 将文件首行 #!/usr/bin/python 改成 步骤(3)中的路径 #!/usr/bin/python26
【update yum 后同样需要修改一次】
(6)安装pip:
下载 wget https://bootstrap.pypa.io/get-pip.py
运行 python get-pip.py
新建软链: ln -s /usr/local/python279/bin/pip2.7 /usr/bin/pip
4. 再次安装:python setup.py install
报错1:EnvironmentError: mysql_config not found
解决方法:根据(https://www.cnblogs.com/zhanglong8681/p/7052878.html)执行yum -y install mysql-devel
报错2:setuptools.sandbox.UnpickleableException: ConfigurationError('Could not run curl-config: [Errno 2] No such file or directory',)
解决方法:根据(https://blog.51cto.com/kurolz/1935054)
先安装libcurl-devel :yum -y install libcurl-devel;再安装pycurl:pip install pycurl;
安装完pycurl 提示“patator 0.7 requires paramiko, which is not installed.” 直接再安装: pip install paramiko 即可
5. 终于安装成功了!!!
测试下: ./patator.py rdp_login --help ;
还报错:ERROR: xfreerdp 1.2.0-beta1 (https://github.com/FreeRDP/FreeRDP.git) is required to run rdp_login.
{进入GitHub:https://github.com/FreeRDP/FreeRDP 下载release版本;}
后来发现更方便:yum install freerdp
再次运行 ./patator.py rdp_login --help :
[root@centos patator]# ./patator.py rdp_login --help
Patator v0.7 (https://github.com/lanjelot/patator)
Usage: rdp_login [global-options ...]
Examples:
rdp_login host=10.0.0.1 user='administrator' password=FILE0 0=passwords.txt
... ... 6. 根据help提示 输入测试命令:
./patator.py rdp_login host=10.0.0.1 user='administrator' password=FILE0 0=../../data_set/myword3_60.txt
结果:
19:44:39 patator INFO - Starting Patator v0.7 (https://github.com/lanjelot/patator) at 2019-03-18 19:44 CST
19:44:39 patator INFO -
19:44:39 patator INFO - code size time | candidate | num | mesg
19:44:39 patator INFO - -----------------------------------------------------------------------------
19:44:40 patator INFO - 131 138 0.217 | 123123 | 1 | xf_pre_connect: failed to open display: \nPlease check that the $DISPLAY environment variable is properly set.\nfreerdp_pre_connect failed
19:44:40 patator INFO - 131 138 0.302 | sdfqfs | 2 | xf_pre_connect: failed to open display: \nPlease check that the $DISPLAY environment variable is properly set.\nfreerdp_pre_connect failed
19:44:40 patator INFO - 131 138 0.293 | dafwfa | 3 | xf_pre_connect: failed to open display: \nPlease check that the $DISPLAY environment variable is properly set.\nfreerdp_pre_connect failed
19:44:40 patator INFO - 131 138 0.278 | dsag24tsdf | 4 | xf_pre_connect: failed to open display: \nPlease check that the $DISPLAY environment variable is properly set.\nfreerdp_pre_connect failed
19:44:40 patator INFO - 131 138 0.257 | gv334 | 5 | xf_pre_connect: failed to open display: \nPlease check that the $DISPLAY environment variable is properly set.\nfreerdp_pre_connect failed
19:44:40 patator INFO - 131 138 0.257 | sad | 6 | xf_pre_connect: failed to open display: \nPlease check that the $DISPLAY environment variable is properly set.\nfreerdp_pre_connect failed
19:44:40 patator INFO - 131 138 0.253 | 34gasfas | 7 | xf_pre_connect: failed to open display: \nPlease check that the $DISPLAY environment variable is properly set.\nfreerdp_pre_connect failed
====2019年3月19日补充==========
界面问题?环境变量? 学渣表示一脸蒙蔽啊。。。
export DISPLAY=:0.0 设置后变成连不上了,又是一脸懵。。。
11:16:33 patator INFO - 131 104 0.273 | aefsd | 2 | transport_connect: getaddrinfo (Name or service not known)\nError: protocol security negotiation failure
11:16:33 patator INFO - 131 104 0.241 | fwqe | 3 | transport_connect: getaddrinfo (Name or service not known)\nError: protocol security negotiation failure
11:16:33 patator INFO - 131 104 0.208 | fsd | 4 | transport_connect: getaddrinfo (Name or service not known)\nError: protocol security negotiation failure
有大佬指点一下嘛?。。。