Saturday, October 23, 2010

RSYaba Modular Brute Force Attacker v1.0

RSYaba is a tool for running brute force attacks against various services, in a similar way to Hydra and Medusa. It was written after bad experiences getting existing tools to work correctly with HTTP and SSH, so it was decided to make a tool that would be easier to configure.
The tool is written in Ruby, so modifying the scripts is a lot simpler than changing C/C++ code and recompiling. All the modules so far are based on standard Ruby gems, which handle the protocol details and give the actual attack framework a nice level of abstraction.

While writing the HTTP module, a feature was added that is missing in all the other HTTP brute forcers: the ability to handle authentication that relies on a cookie already being set and, even stricter, forms that use unique tokens to prevent brute force attacks.

The tool currently supports HTTP, MySQL, and SSH. New modules will be added, and this page will be updated accordingly.

