patator

Brute force ssh login with rate limit and timeout options (successful login will show login banner or something similar)

$ patator ssh_login host=[ip_or_host] user=FILE0 password=FILE1 0=[path/to/users.txt] 1=[path/to/passwords.txt] --rate_limit=[seconds] --timeout=[seconds] -x ignore:mesg='Authentication failed.'

$ patator unzip_pass zipfile=[path/to/file.zip] password=FILE0 0=[path/to/passwords.txt] -x ignore:code!=0

$ patator http_fuzz url=[http://host:port] auth_type=basic user_pass=COMBO00:COMBO01 0=[path/to/userpass.txt] -x ignore:code=401

$ patator ftp_login host=[ip_or_host] user=FILE0 password=FILE1 0=[path/to/users.txt] 1=[path/to/passwords.txt] tls=[0|1] -x ignore:mesg='Login incorrect.' -x ignore,reset,retry:code=500

$ patator --help

$ patator [module_name] --help

patator [global_options] [module_specific_options]

Examples:
patator ssh_login -u username -P passwords.txt --scan-ports 22,2222
patator http_fuzz url=http://example.com/FUZZ 0=./wordlist.txt --valid-code 200

-h, --help
    Show program's help message and exit. Can be used with modules (e.g., patator ssh_login -h) to see module-specific options.

-v, --verbose
    Increase verbosity level. Use multiple times for more detailed output (e.g., -vvv).

-x, --execute
    Execute system commands (e.g., payload generation from external scripts).

--output
    Save the output to a specified file instead of printing to standard output.

--delay
    Set a delay in seconds between each request to avoid overwhelming the target or detection.

--concurrency
    Set the number of concurrent connections or threads to use for attacks. Increasing this can speed up attacks but also increase network load and detection risk.

--proxy ://:
    Route all traffic through a specified proxy (e.g., SOCKS5, HTTP).

--user-agent
    Set a custom User-Agent header for HTTP-based attacks.

--timeout
    Set the maximum time in seconds to wait for a server response.

--stop-on-success
    Stop the attack immediately after finding the first valid combination of credentials or successful payload.

--ignore-ssl-certs
    Ignore SSL/TLS certificate validation errors, useful for self-signed certificates or specific test environments.

--follow-redirects
    Automatically follow HTTP redirects during web-based attacks.


    Each module (e.g., ssh_login, http_fuzz) has its own set of specific options for configuring the attack (e.g., target, usernames, passwords, custom headers, success/failure indicators).

Patator is a Python-based, multi-purpose brute-forcer and vulnerability scanner. It's designed to be flexible and modular, allowing users to perform various types of attacks, primarily password guessing, but also enumeration and fuzzing against a wide range of network protocols and services.

It supports numerous modules for services like HTTP, HTTPS, FTP, SSH, Telnet, SMTP, POP3, IMAP, SQL, SMB, and more. Patator can utilize different attack methods, including dictionary attacks, brute-force attacks, and hybrid attacks. Its strength lies in its ability to generate highly customizable payloads from files, ranges, or command outputs, and its support for proxies, concurrency, and specific network configurations. It is a powerful tool for penetration testers and security professionals to test the robustness of authentication mechanisms.

Patator is a powerful tool designed for legitimate security testing. Misuse of this tool against systems for which you do not have explicit authorization is illegal and unethical. Using it can generate significant network traffic, potentially trigger intrusion detection/prevention systems (IDS/IPS), and may cause performance degradation or denial-of-service on target systems if not used carefully.

Always ensure you have proper authorization and understand the potential impact before using Patator in any environment.

Patator operates based on a modular architecture, where each module corresponds to a specific service or attack type. Examples include ssh_login (for SSH authentication), ftp_login (for FTP authentication), http_fuzz (for web application fuzzing), smtp_enum (for SMTP user enumeration), and many others. Users select a module based on the target service they wish to test.

Payloads are the actual values Patator iterates through during an attack (e.g., usernames, passwords, directory names). Patator offers flexible payload generation:
FILE[N]: Read payloads from a file (e.g., FILE0=usernames.txt).
RANGE[N]: Generate payloads from a numerical or character range (e.g., RANGE0=0-999).
COMMAND[N]: Generate payloads dynamically from the output of an external command (e.g., COMMAND0='cat /etc/passwd | cut -d: -f1').
Payloads can be combined to form complex attack vectors.

Patator was developed by Laurent Gaffié, a security researcher, and first released around 2012-2013. It was created with the aim of providing a more flexible and modular brute-forcing framework compared to existing tools at the time. Written in Python, it quickly gained popularity within the penetration testing and ethical hacking communities due to its extensibility, support for a wide array of protocols, and powerful payload generation capabilities. While its core functionality remains robust, its development and maintenance may vary over time depending on the contributor activity.

hydra(1), nmap(1), medusa(1), john(1), hashcat(1), ffuf(1), gobuster(1)