In order to make chimera run a brute force attack you must choose a charset. First you can check for -p single passwords, second you can use a -P list of passwords from a file or from stdin. What passwords do you want me to check? - the most important question of all. As with host names you can use a single users name of or a list of them that chimera will read from a file. What's the name of the account I'm attacking? - this simply means that we need to have a username to start our attack. Also if you want to use SSL you have to use the -l option Syntax: If the service you are attacking is listening on an non-std port you can set the correct port with the -e option. If you want to use a list of hosts, you need to use the -H option and supply a file that's every line is one hostname.
Chimera needs to know what host you want to attack. Who am I attacking? - similar to the previous one. s ftp, http, http-proxy, imap, ldap, mysql, nntp, pop3, telnet Currently pop3, ftp, mysql and http_auth are supported. You need to tell chimera the protocol that u want to attack. What am I attacking? - this one is pretty straight forward. These things include: What am I attacking? Who am I attacking? What's the name of the account I'm attacking? What passwords do you want me to check? There are a couple of things that chimera need to know before it starts it work. Lets jump right in and see how to use this great tool. Chimera WILL NOT eat up 100% CPU time under normal conditions (as Hydra often likes to). My goal is to implement most of them in chimera. Unfortunately it uses fork() to do it's job, making it a lot less efficient.
Hydra - the best remote passwd cracking tool out there. The http, http-proxy, imap, ldap, nntp and telnet modules are still in beta, so please don't bitch at me, just send in bug reports. You can also manage the number of threads used, as well as the connection timing, max connection errors, thread creation speed and other values. You can supply a user-defined charset of use a pre-defined one. You can use passwords from wordlists, feed them from stdin or use a variety of brute force methods.
Since version 0.29.9 Chimera supports IPv6. It currently supports ftp, http, http-proxy, imap, ldap, mysql, nntp, pop3, telnet protocols. Chimera was designed to be a fast, thread based, remote password cracking tool.
0 kommentar(er)
