ncrack
Network authentication cracking
SYNOPSIS
ncrack [options]
PARAMETERS
-h, --help
Display help information.
-v, --verbose
Increase verbosity level (can be used multiple times).
-d, --debug
Enable debugging mode.
-iL
Input from list of hosts/networks.
-p
Ports to crack.
-u
Username to use (or username list).
-P
Password to use (or password list).
--userdb
Use users from a database file.
--passdb
Use passwords from a database file.
-T
Milliseconds to wait between attempts.
--resume
Resume aborted cracking session.
-o
Save output to file.
DESCRIPTION
ncrack is a network authentication cracking tool designed to brute-force authentication protocols. It allows for fast, reliable, and sophisticated brute-force attacks against multiple hosts simultaneously. Unlike other brute-forcing tools, ncrack adapts its behavior dynamically based on network response, optimizing the cracking process.
It supports various protocols like SSH, FTP, Telnet, HTTP(S), POP3, SMTP, and more. ncrack is designed to be modular, allowing for easy addition of new protocols and cracking techniques. It also offers advanced features such as timing control, credential management, and report generation. Its capabilities enable security professionals to audit network security and identify weak passwords.
CAVEATS
ncrack can be resource-intensive and may trigger intrusion detection systems. Always obtain proper authorization before using it on a network.
TARGET SPECIFICATION
Targets can be specified as IP addresses, hostnames, or network ranges using CIDR notation (e.g., 192.168.1.0/24).
MODULES
ncrack supports a module system which allows it to extend and customize its functionality. The default module is 'ssh'. Use the command 'ncrack --list-modules' for a list of available modules.
HISTORY
ncrack was developed as a part of the Nmap project by Ron Bowes. Its aim was to create a flexible and high-performance network authentication cracking tool. The project was motivated by the need for an open-source solution that could address weaknesses in network services and assist in security auditing.