Introduction
Below is a screenshot of the main Brutus window in action. Brutus is running against a web server here using the HTTP basic authentication type. Brutus is going for the user admin using brute force to generate passwords (every 5 character combination using 'a-z'), the maximum number of passwords attempted will be just under 12 million. The status bar indicates that Brutus has attempted just over 1.16 million attempts and is running at an average speed of 501 attempts per second (that's over 30,000 per minute.) The worst case remaining execution time for this attack is just under six hours. Brutus is one of the fastest, most flexible remote password crackers you can get your hands on - it's also free. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future. Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 download.
Features
Brutus version AET2 is the current release and includes the following authentication types : | HTTP (Basic Authentication) | |
| HTTP (HTML Form/CGI) | |
| POP3 | |
| FTP | |
| SMB | |
| Telnet |
