開源網絡認證破解工具 - Ncrack

Ncrack是一個高速的網絡認證破解工具,它可以幫助企業測試所有的網絡主機和網絡設備的密 碼強度,提高企業網絡的安全性。安全專業人員也可使用Ncrack做滲透測試。Ncrack採用了模塊化設計,類似Nmap的命令行語法和一個動態的引 擎,該引擎是Ncrack可以依據不同的網絡反饋自適應操作。Ncrack可以可靠的進行大規模網絡主機安全審計。Ncrack支持windows和 linux系統,目前更新至0.4版,該版本主要改變:
 
  •     Added the VNC module to Ncrack's arsenal. Thanks to rhh of rycon.hu for implementing the module and discussing about it for further improvement.
  •     Wrote the Ncrack Developer's Guide, which is meant to give an overall insight into Ncrack's architecture and help programmers develop their own modules (http://nmap.org/ncrack/devguide.html)
  •     Fixed critical bug in RDP module, which caused Ncrack to fail cracking some Windows 2003 server versions.
  •     Added a mechanism (MODULE_ERR), which modules can use to report to the Ncrack engine that the authentication wasn't completed due to an application error. For instance, the VNC server often notifies the client that there are 「too many authentication failures」 and Ncrack can then close the running connections and wait some time until the above wears off.
  •     Ncrack can now print the nsock EID (unique connection ID) in debugging messages. This will greatly help us track problems, since error messages will be matched to certain connections.
工具更多信息及下載:http://nmap.org/ncrack/

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.


出自: BugZone - http://www.pulog.org/tools/2031/Ncrack/

0 意見: