View Issue Details

ID: 0008682
Project: Kali Linux
Category: Queued Tool Addition
View Status: public
Last Update: 2025-08-23 16:48
Reporter: flx
Assigned To:
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: acknowledged
Resolution: open
Summary: 0008682: legba - multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust
Description

https://github.com/evilsocket/legba

Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime in order to achieve better performances and stability while consuming less resources than similar tools (see the benchmark below).

For the building instructions, usage and the complete list of options check the project Wiki.

Supported Protocols/Features:
AMQP (ActiveMQ, RabbitMQ, Qpid, JORAM and Solace), Cassandra/ScyllaDB, DNS subdomain enumeration, FTP, HTTP (basic authentication, NTLMv1, NTLMv2, multipart form, custom requests with CSRF support, files/folders enumeration, virtual host enumeration), IMAP, Kerberos pre-authentication and user enumeration, LDAP, MongoDB, MQTT, Microsoft SQL, MySQL, Oracle, PostgreSQL, POP3, RDP, Redis, Samba, SSH / SFTP, SMTP, Socks5, STOMP (ActiveMQ, RabbitMQ, HornetQ and OpenMQ), TCP port scanning, Telnet, VNC.

Benchmark
Here's a benchmark of legba versus thc-hydra running some common plugins, both targeting the same test servers on localhost. The benchmark has been executed on a macOS laptop with an M1 Max CPU, using a wordlist of 1000 passwords with the correct one being on the last line. Legba was compiled in release mode, Hydra compiled and installed via brew formula.

Far from being an exhaustive benchmark (some legba features are simply not supported by hydra, such as CSRF token grabbing), this table still gives a clear idea of how using an asynchronous runtime can drastically improve performances.

Test Name | Hydra Tasks | Hydra Time | Legba Tasks | Legba Time
HTTP basic auth | 16 | 7.100s | 10 | 1.560s (🚀 4.5x faster)
HTTP POST login (wordpress) | 16 | 14.854s | 10 | 5.045s (🚀 2.9x faster)
SSH | 16 | 7m29.85s * | 10 | 8.150s (🚀 55.1x faster)
MySQL | 4 | 9.819s | 4 | 2.542s (🚀 3.8x faster)
Microsoft SQL | 16 | 7.609s | 10 | 4.789s (🚀 1.5x faster)

* While this result would suggest a default delay between connection attempts used by Hydra, I've tried to study the source code to find such delay but to my knowledge there's none. For some reason it's simply very slow.
** For MySQL hydra automatically reduces the amount of tasks to 4, therefore legba's concurrency level has been adjusted to 4 as well.

Activities

flx

2024-03-20 14:36

reporter   ~0019055

Currently on Arch official extra repository. Maybe the PKGBUILD file will help building the Debian package.

https://gitlab.archlinux.org/archlinux/packaging/packages/legba/-/blob/0.8.0-1/PKGBUILD

g0tmi1k

2024-05-14 16:42

administrator   ~0019283

@kali-team, please could this be packaged up.
@author, if you want to help the packaging process, you can check the documentation here:

evilsocket

2025-08-22 15:03

reporter   ~0020786

Hello, author here. Legba is now statically linked with no dependencies, with precompiled binaries for most OS and architectures (using MUSL for portability). Also a .deb package is generated for each release. This should help considerably the packaging process.

https://github.com/evilsocket/legba/releases/tag/1.1.1

deb -> https://github.com/evilsocket/legba/releases/download/1.1.1/legba_1.1.1-1_amd64.deb
x86_64 binary -> https://github.com/evilsocket/legba/releases/download/1.1.1/legba-1.1.1-linux-x86_64.tar.gz

Legba supports the same protocols (and more) that Hydra supports, it's faster (see benchmarks), better documented ( https://github.com/evilsocket/legba/blob/main/docs/index.md ) and easier to compile and distribute.

evilsocket

2025-08-22 15:11

reporter   ~0020787

Last edited: 2025-08-22 15:17

PS: The deb package can be generated (for any other architecture) very easily once cargo ( https://doc.rust-lang.org/cargo/getting-started/installation.html ) is installed:

cargo install cargo-deb
cargo deb --profile deb

The deb file will be in the target/debian folder.

Issue History

Date Modified Username Field Change
2024-03-20 14:32 flx New Issue
2024-03-20 14:36 flx Note Added: 0019055
2024-05-14 16:42 g0tmi1k Note Added: 0019283
2024-05-14 16:42 g0tmi1k Status new => acknowledged
2024-05-14 16:42 g0tmi1k Category New Tool Requests => Queued Tool Addition
2025-08-22 15:03 evilsocket Note Added: 0020786
2025-08-22 15:11 evilsocket Note Added: 0020787
2025-08-22 15:11 evilsocket Note Edited: 0020787
2025-08-22 15:17 evilsocket Note Edited: 0020787