bojemoi/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6ba4f34c68a0595779dba90848b804c210d63baa
blog/content/posts/commits/2026-04-09-commit-0e0519a.md
Betty 7b2492cc0c
Some checks failed
Hugo Build & Deploy / build-deploy (push) Has been cancelled
Details
post: commit 0e0519a in bojemoi
2026-04-09 16:22:47 +02:00

1.5 KiB
Raw Blame History

title, date, draft, tags, categories, summary, author
title date draft tags categories summary author
[bojemoi] feat(uzi): brute-force credentials Phase 0 sur 15 services 2026-04-09T16:22:46+02:00 false
commit
bojemoi
main
Git Activity
Commit 0e0519a par Betty dans bojemoi Betty

Commit 0e0519a
Repository bojemoi
Branch main
Author Betty
Hash 0e0519a10341ca2a19066b4ef4d5a808477f66a6

Description

Remplace run_ssh_bruteforce() par une architecture générique :

  • BRUTE_MODULES dict : 15 services (ssh, ftp, telnet, smb, mysql, postgresql, mssql, vnc, snmp, imap, pop3, smtp, http/https, tomcat, mongodb) avec module MSF, ports, wordlists et options
  • run_brute_force_service() : fonction générique auxiliary MSF, gère USER_FILE/PASS_FILE optionnels, THREADS, extra opts, détection sessions et reporting Faraday
  • run_bruteforce_phase() : Phase 0 orchestre tous les services détectés, déduplique par module, respecte attack_surface_key (ex: tomcat uniquement si bm12 l'a confirmé)
  • Toutes les wordlists configurables via env vars (surchargeables dans le stack sans rebuild)

Co-Authored-By: Claude Sonnet 4.6 noreply@anthropic.com

Files Changed

M	borodino/thearm_uzi
M	stack/40-service-borodino.yml

Diff Summary

 borodino/thearm_uzi           | 303 +++++++++++++++++++++++++++++++++++++++++-
 stack/40-service-borodino.yml | 143 +++++++++++++-------
 2 files changed, 395 insertions(+), 51 deletions(-)
Reference in New Issue View Git Blame Copy Permalink