Crowbar v3.4 is a brute force tool which is support openvpn, rdp, sshkey, vnckey.

Crowbar v3.4 is a brute force tool which is support openvpn, rdp, sshkey, vnckey.

Changelog v3.4:
+ Made the output more verbose
+ Display absolute file paths
+ [SSH] Skip checking public keys
+ [SSH] Display subfolder(s) in use
+ [SSH] Check folder path

Crowbar (formally known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key(s). This allows for any private keys that have been obtained during penetration tests, to be used to attack other SSH servers.

crowbar

crowbar

Currently Crowbar supports:
+ OpenVPN (-b openvpn)
+ Remote Desktop Protocol (RDP) with NLA support (-b rdp)
+ SSH private key authentication (-b sshkey)
+ VNC key authentication (-b vpn)

Logs & Output
Once you have executed Crowbar, it generates 2 files for logging and result that are located in your current directory. Default log file name is crowbar.log which stores all brute force attempts while execution. If you don’t want use default log file, you should use -l log_path. The second file is crowbar.out which stores successful attempts while execution. If you don’t want use default output file, you should use -o output_path. After that you can observe Crowbar operations.

Usage:

Download : v.3.4.zip  | v.3.4.tar.gz
Source : https://github.com/galkan