Skip to content

feature: add smb_brute command#1070

Merged
securestep9 merged 6 commits intoOWASP:masterfrom
NtAlexio2:smb_brute
Jun 9, 2025
Merged

feature: add smb_brute command#1070
securestep9 merged 6 commits intoOWASP:masterfrom
NtAlexio2:smb_brute

Conversation

@NtAlexio2
Copy link
Contributor

@NtAlexio2 NtAlexio2 commented May 9, 2025
edited
Loading

Proposed change

This PR adds a new module to bruteforce credentials on SMB protocol. It uses Impacket library as core.
sample output:

(nettacker-py3.11) root@2cffc506e9ef:/usr/src/owaspnettacker# python nettacker.py -m smb_brute -i 172.16.5.41 -d
   ______          __      _____ _____
  / __ \ \        / /\    / ____|  __ \
 | |  | \ \  /\  / /  \  | (___ | |__) |
 | |  | |\ \/  \/ / /\ \  \___ \|  ___/
 | |__| | \  /\  / ____ \ ____) | |     Version 0.4.0
  \____/   \/  \/_/    \_\_____/|_|     QUIN
                          _   _      _   _             _
                         | \ | |    | | | |           | |
  github.com/OWASP       |  \| | ___| |_| |_ __ _  ___| | _____ _ __
  owasp.org              | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
  z3r0d4y.com            | |\  |  __/ |_| || (_| | (__|   <  __/ |
                         |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|

[2025-05-08 14:12:24][+] Nettacker engine started ...
[2025-05-08 14:12:27][+] 113 modules loaded ...
[2025-05-08 14:12:31][+] ScanID: wbckqplowzykuvqctcbfxlcbdewbtmne
[2025-05-08 14:12:31][+] regrouping targets based on hardware resources!
[2025-05-08 14:12:31][+] Removing old database record for selected targets and modules.
[2025-05-08 14:12:31][+] imported 1 targets in 1 process(es).
[2025-05-08 14:12:33][+++] process-0|smb_brute|172.16.5.41|module-thread 1/1|request-thread 16/6018|host: 172.16.5.41 method: brute_force password: Password@123 port: 445 timeout: 3.0 username: administrator|
success_condition (s):
conditions: host: 172.16.5.41 password: Password@123 port: 445 username: administrator
[2025-05-08 14:13:25][+] building graph ...
[2025-05-08 14:13:25][+] finish building graph!
+----------------------------+-------------+-------------+------+----------+
|            date            |    target   | module_name | port |   logs   |
+============================+=============+=============+======+==========+
| 2025-05-08 14:12:33.511223 | 172.16.5.41 | smb_brute   | 445  | Detected |
+----------------------------+-------------+-------------+------+----------+

Software Details: OWASP Nettacker version 0.4.0 [QUIN] in 2025-05-08 14:13:26
[2025-05-08 14:13:26][+] report saved in /usr/src/owaspnettacker/.data/results/results_2025_05_08_14_12_24_shkurenwob.html and database
[2025-05-08 14:13:26][+] ScanID: wbckqplowzykuvqctcbfxlcbdewbtmne done!
(nettacker-py3.11) root@2cffc506e9ef:/usr/src/owaspnettacker#

Type of change

  • New core framework functionality
  • Bugfix (non-breaking change which fixes an issue)
  • Code refactoring without any functionality changes
  • New or existing module/payload change
  • Localization improvement
  • Dependency upgrade
  • Documentation improvement

Checklist

  • I've followed the contributing guidelines
  • I've run make pre-commit, it didn't generate any changes
  • I've run make test, all tests passed locally

NtAlexio2
NtAlexio2 commented Jun 9, 2025
View reviewed changes
Copy link
Contributor Author

@NtAlexio2 NtAlexio2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's ok since no conflicts

@securestep9 securestep9 added this pull request to the merge queue Jun 9, 2025
Merged via the queue into OWASP:master with commit 958e1bc Jun 9, 2025
17 checks passed
pUrGe12 pushed a commit to pUrGe12/Nettacker that referenced this pull request Jun 12, 2025
@NtAlexio2 @securestep9 @pUrGe12
feature: add smb_brute command (OWASP#1070)
4e24f32 
* Update dependencies in poetry.lock and pyproject.toml for new packages

* feat: add SMB brute force module

* feat: add unit tests for SMB brute force module

* ran make pre-commit

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@securestep9 securestep9 securestep9 approved these changes

@arkid15r arkid15r Awaiting requested review from arkid15r arkid15r is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@NtAlexio2 @securestep9