52 lines
1.5 KiB
Markdown
52 lines
1.5 KiB
Markdown
---
|
|
title: "[bojemoi] feat(uzi): brute-force credentials Phase 0 sur 15 services"
|
|
date: 2026-04-09T16:22:46+02:00
|
|
draft: false
|
|
tags: ["commit", "bojemoi", "main"]
|
|
categories: ["Git Activity"]
|
|
summary: "Commit 0e0519a par Betty dans bojemoi"
|
|
author: "Betty"
|
|
---
|
|
|
|
## Commit `0e0519a`
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Repository** | bojemoi |
|
|
| **Branch** | `main` |
|
|
| **Author** | Betty |
|
|
| **Hash** | `0e0519a10341ca2a19066b4ef4d5a808477f66a6` |
|
|
|
|
|
|
### Description
|
|
|
|
Remplace run_ssh_bruteforce() par une architecture générique :
|
|
- BRUTE_MODULES dict : 15 services (ssh, ftp, telnet, smb, mysql,
|
|
postgresql, mssql, vnc, snmp, imap, pop3, smtp, http/https,
|
|
tomcat, mongodb) avec module MSF, ports, wordlists et options
|
|
- run_brute_force_service() : fonction générique auxiliary MSF,
|
|
gère USER_FILE/PASS_FILE optionnels, THREADS, extra opts,
|
|
détection sessions et reporting Faraday
|
|
- run_bruteforce_phase() : Phase 0 orchestre tous les services
|
|
détectés, déduplique par module, respecte attack_surface_key
|
|
(ex: tomcat uniquement si bm12 l'a confirmé)
|
|
- Toutes les wordlists configurables via env vars (surchargeables
|
|
dans le stack sans rebuild)
|
|
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
|
|
### Files Changed
|
|
|
|
```
|
|
M borodino/thearm_uzi
|
|
M stack/40-service-borodino.yml
|
|
```
|
|
|
|
### Diff Summary
|
|
|
|
```
|
|
borodino/thearm_uzi | 303 +++++++++++++++++++++++++++++++++++++++++-
|
|
stack/40-service-borodino.yml | 143 +++++++++++++-------
|
|
2 files changed, 395 insertions(+), 51 deletions(-)
|
|
```
|