DDos Programs
Be aware that these are not mine and is a collection i bought from the darkweb some time ago!
Use at your own risk and scan them before!
[Hidden content]
2FAssassin is a tool that will help in exploiting certain misconfiguration or vulnerabilities on remote system to extract private keys from memory. attack scenario will start by enumerating the network for exposed vulnerabilities:
- SSH-based Attacks to get private keys
- HeartBleed Attacks to get private keys:
- Ceragon FibeAir IP-10 SSH Private Key Exposure:
- ExaGrid Known SSH Key and Default Password :
- F5 BIG-IP SSH Private Key Exposure:
- Loadbalancer.org Enterprise VA SSH Private Key
- Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
- Quantum DXi V1000 SSH Private Key Exposure
- Check & disable Two-Factor Authentication
Once the scanner will identify the vulnerable system it will start to run exploitation and extract the exposed private keys. If you want to reduce the possible exploitation of 2FA attack it will be important to apply security update as they are released by the vendor and follow the configuration security best practices to avoid making private keys exposed
- The effectiveness of the Two-Factor-Authentication depends on how well a user protects "something only the user has".
- The tool looks out for getting the OTP(s) and private keys using various methods.
- The private keys can be extracted from client certificates and cracked to be used for authentication.
- The tool exploits the common vulnerabilities that caused private keys leakage.
- Propagates the compromise starting from a single machine to the entire networks via looted private keys.
- Install python on Kali Linux, then run:
pip install 2fassassin
cd /root/2fassassin
OR
git clone
https://github.com/maxwellkoh/2FAssassin.git
cd 2fassassin
- Network enumeration:
./assassin.py --scan <basic | advanced> --target <ip_address | range>
./assassin.py --scan advanced --target 192.168.0.0/24
./assassin.py --scan basic --target 192.168.2.40
./assassin.py --check auto --mode attack
2FAssassin is a tool that will help in exploiting certain misconfiguration or vulnerabilities on remote system to extract private keys from memory. attack scenario will start by enumerating the network for exposed vulnerabilities:
- SSH-based Attacks to get private keys
- HeartBleed Attacks to get private keys:
- Ceragon FibeAir IP-10 SSH Private Key Exposure:
- ExaGrid Known SSH Key and Default Password :
- F5 BIG-IP SSH Private Key Exposure:
- Loadbalancer.org Enterprise VA SSH Private Key
- Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
- Quantum DXi V1000 SSH Private Key Exposure
- Check & disable Two-Factor Authentication
Once the scanner will identify the vulnerable system it will start to run exploitation and extract the exposed private keys. If you want to reduce the possible exploitation of 2FA attack it will be important to apply security update as they are released by the vendor and follow the configuration security best practices to avoid making private keys exposed
- The effectiveness of the Two-Factor-Authentication depends on how well a user protects "something only the user has".
- The tool looks out for getting the OTP(s) and private keys using various methods.
- The private keys can be extracted from client certificates and cracked to be used for authentication.
- The tool exploits the common vulnerabilities that caused private keys leakage.
- Propagates the compromise starting from a single machine to the entire networks via looted private keys.
- Install python on Kali Linux, then run:
pip install 2fassassin
cd /root/2fassassin
OR
git clone
https://github.com/maxwellkoh/2FAssassin.git
cd 2fassassin
- Network enumeration:
./assassin.py --scan <basic | advanced> --target <ip_address | range>
./assassin.py --scan advanced --target 192.168.0.0/24
./assassin.py --scan basic --target 192.168.2.40
./assassin.py --check auto --mode attack
https://github.com/dothanthitiendiettiende/2FAssassin