View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0004373Kali LinuxNew Tool Requestspublic2017-11-29 15:242017-12-21 15:41
Reporteropcode41 Assigned Todookie  
PrioritynormalSeverityfeatureReproducibilityalways
Status closedResolutionwon't fix 
Product Version2017.3 
Summary0004373: Open Source Default Malware Credential Scanner
Description

Open Camps Presentation:
https://www.slideshare.net/KenBelva/introducing-iot-crusher-open-source-version

Github:
https://github.com/OpCode41/IoTCrusher

Activities

muts

muts

2017-11-29 15:43

reporter   ~0007627

Thanks, i was just checking this out. Usage is unclear to me though:

python IoTCrusherOpenSource.py -networkAddresses 192.168.1.1/24 -credList ALL

gives:

  • Parsing network addresses supplied!
    Looks like there was an error with the supplied network address format.
    Here's the system generated error message:
    '192.168.1.1/24' does not appear to be an IPv4 or IPv6 network. Did you pass in a bytes (str in Python 2) instead of a unicode object?
    Exiting Program...

I didn't dig into the python, but :

python IoTCrusherOpenSource.py -networkAddresses 192.168.1.100/24 -credList ALL

Gives:

  • Parsing network addresses supplied!
  • Finished parsing network addresses supplied!
  • Starting to build combos of user credentials!
  • Finished building combos of user credentials!

Perhaps a bug in the parsing ? Or am I doing something wrong?
opcode41

opcode41

2017-11-29 15:46

reporter   ~0007628

Case 1: try 192.168.1.0/24 (network submasks! grrr)..

Case 2: No. You are probably not running telnet on the 192.168.1.100 host.
muts

muts

2017-11-29 15:48

reporter   ~0007629

Yep, i tried that too.

python IoTCrusherOpenSource.py -networkAddresses 192.168.1.0/24 -credList ALL

Gives:

  • Parsing network addresses supplied!
    Looks like there was an error with the supplied network address format.
    Here's the system generated error message:
    '192.168.1.0/24' does not appear to be an IPv4 or IPv6 network. Did you pass in a bytes (str in Python 2) instead of a unicode object?
    Exiting Program...
opcode41

opcode41

2017-11-29 15:49

reporter   ~0007630

OK I think know why.... It's python 3 not python 2

running with the command python runs it as python version 2x

try running either as python3 or ./IoT....
muts

muts

2017-11-29 15:59

reporter   ~0007631

Yep, that was it. Thanks! I'll be playing with this later on today.
opcode41

opcode41

2017-11-29 16:00

reporter   ~0007632

Awesome. Enjoy.
opcode41

opcode41

2017-11-29 16:01

reporter   ~0007633

BTW, glad you put in the full command string! :)
opcode41

opcode41

2017-12-04 15:29

reporter   ~0007655

@muts - Hope you enjoyed it. Perhaps you found something interesting... :)
opcode41

opcode41

2017-12-11 15:58

reporter   ~0007686

Just following up on this item. Thoughts?
opcode41

opcode41

2017-12-20 15:31

reporter   ~0007719

Bump. How did the testing go?
dookie

dookie

2017-12-21 15:41

reporter   ~0007733

Thanks for the suggestion but until this tool has matured some more, it will not be included in Kali. The features of the tool, including the arrays of hard-coded credentials, do not yet compare with the many other brute forcing tools available in the distribution.

Issue History

Date Modified Username Field Change
2017-11-29 15:24 opcode41 New Issue
2017-11-29 15:43 muts Note Added: 0007627
2017-11-29 15:46 opcode41 Note Added: 0007628
2017-11-29 15:48 muts Note Added: 0007629
2017-11-29 15:49 opcode41 Note Added: 0007630
2017-11-29 15:59 muts Note Added: 0007631
2017-11-29 16:00 opcode41 Note Added: 0007632
2017-11-29 16:01 opcode41 Note Added: 0007633
2017-12-04 15:29 opcode41 Note Added: 0007655
2017-12-11 15:58 opcode41 Note Added: 0007686
2017-12-20 15:31 opcode41 Note Added: 0007719
2017-12-21 15:41 dookie Assigned To => dookie
2017-12-21 15:41 dookie Status new => closed
2017-12-21 15:41 dookie Resolution open => won't fix
2017-12-21 15:41 dookie Note Added: 0007733