High Speed Network Authentication Cracking: Ncrack

2016-04-14T20:56:29
ID N0WHERE:76579
Type n0where
Reporter N0where
Modified 2016-04-14T20:56:29

Description

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.

Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more. Protocols supported include RDP, SSH, HTTP(S), SMB, POP3(S), VNC, FTP, SIP, Redis, PostgreSQL, MySQL, and Telnet.

Ncrack is based on a modularized architecture, where each protocol/service corresponds to the equivalent module that handles all the authentication steps. Ncrack’s architecture is thus built in a way so that a module is separated as much as possible from the more low level details of timing and connection management which are handled by the core engine. Ncrack utilizes the venerable Nsock, a library which was originally written by Fyodor a long time ago and has since then been refined and tested thoroughly. Nsock is a parallel sockets library which internally uses select(2) to poll through the registered socket descriptors and which upon a new network event (read/write/timeout etc) jumps to a preregistered callback handler which is responsible for doing something about that particular event.

Downloading Ncrack

Ncrack is available for many different platforms, including Linux, *BSD, Windows and Mac OS X. There are already installers for Windows and Mac OS X and a universal source code tarball that can be compiled on every system. You can also download the latest version straight from the SVN repository. Older versions are available from ncrack dist directory . For the more security-paranoid (smart) users, GPG detached signatures and SHA-1 hashes for each release are available in the sigs directory (verification is similar to the Nmap verification instructions ).

Specific details and instructions are available for the source code distribution , Windows binaries , and Mac OS X binaries , and Current development source .

The Ncrack tarball compiles under Windows, Mac OS X, Linux and other UNIX platforms like *BSD. The standard procedure of compilation on most UNIX systems usually goes like this:

tar -xzf ncrack-0.5.tar.gz
cd ncrack-0.5
./configure
make
su root
make install

High Speed Network Authentication Cracking: Ncrack documentation

High Speed Network Authentication Cracking: Ncrack download