Ncrack Package Description

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.
Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more. Protocols supported include RDP, SSH, http(s), SMB, pop3(s), VNC, FTP, and telnet.
Ncrack Homepage | Kali Ncrack Repo
  • Author: Insecure.Com LLC
  • License: GPLv2

Tools included in the ncrack package

ncrack – High-speed network authentication cracking tool
root@kali:~# ncrack -h
Ncrack 0.4ALPHA ( )
Usage: ncrack [Options] {target and service specification}
  Can pass hostnames, IP addresses, networks, etc.
  Ex:,,; 10.0.0-255.1-254
  -iX : Input from Nmap's -oX XML output format
  -iN : Input from Nmap's -oN Normal output format
  -iL : Input from list of hosts/networks
  --exclude : Exclude hosts/networks
  --excludefile : Exclude list from file
  Can pass target specific services in ://target (standard) notation or
  using -p which will be applied to all hosts in non-standard notation.
  Service arguments can be specified to be host-specific, type of service-specific
  (-m) or global (-g). Ex: ssh://,at=10,cl=30 -m ssh:at=50 -g cd=3000
  Ex2: ncrack -p ssh,ftp:3500,25,ssl
  -p : services will be applied to all non-standard notation hosts
  -m :: options will be applied to all services of this type
  -g : options will be applied to every service globally
  Misc options:
    ssl: enable SSL over this service
    path : used in modules like HTTP ('=' needs escaping if used)
  Options which take

ncrack Usage Example

Use verbose mode (-v), read a list of IP addresses (-iL win.txt), and attempt to login with the username victim (–user victim) along with the passwords in a dictionary (-P passes.txt) using the RDP protocol (-p rdp) with a one connection at a time (CL=1):
root@kali:~# ncrack -v -iL win.txt --user victim -P passes.txt -p rdp CL=1

Starting Ncrack 0.4ALPHA ( ) at 2014-05-19 09:54 EDT

rdp:// finished.
Discovered credentials on rdp:// 'victim' 's3cr3t'
Para que ste blog siga creciendo:

Visitenos en: