Scan Network Services for Weak Credentials
Scan the identified network services on your attack surface for weak credentials
Category
Vulnerability Scanning
Inputs
rate-limit
string
Maximum number of requests to send per second per machine
port-details
file
requiredJSONLines records of port or network service discovery details from the Scan for Open Ports or Fingerprint Network Services modules
Outputs
findings
Features
Scan Network Services for Weak Credentials
Description
Scan the identified network services on your attack surface for weak credentials. The currently supported protocol are:
- SSH
- FTP
- MySQL
- PostgreSQL
- Microsoft SQL Server
Features
- Supports various network protocols
- Offers customizable wordlists for using custom dictionaries and executing password spraying attacks.
- Can scan thousands of web servers simulataneously.
Inputs
Required
- port-details: JSONLines records of port or network service discovery details from the “Scan for Open Ports” or “Fingerprint Network Services” modules.
{"hostname": "foo.example.com", "ip_address": "1.2.3.4", "port": 21, "protocol": "ftp", "tls": false, "transport": "tcp", "banner": "220 (vsFTPd 3.0.5)\r\n"}
{"hostname": "bar.example.com", "ip_address": "5.6.7.8", "port": 3306, "protocol": "mysql", "tls": false, "transport": "tcp", "version": "8.0.39-0ubuntu0.24.04.1"}
Optional
- rate-limit: Maximum number of requests to send per second per machine (default: 300)
Outputs
- findings: JSONLines records of finding details.
{"finding": "FTP Weak Credentials", "location": "159.223.96.85:21", "severity": "high", "ip_address": "1.2.3.4", "hostname": "foo.example.com", "domain_name": "example.com", "matches": ["ftp:ftp123"]}
{"finding": "MySQL Weak Credentials", "location": "5.6.7.8:3306", "hostname": "bar.example.com", "domain_name": "example.com", "severity": "high", "ip_address": "5.6.7.8", "matches": ["root:mysql123"]}
Changelog
- v1.0
- Initial release