GitHub - nccgroup/jmxbf: A brute force program to test weak accounts configured to access a JMX Registry

jmxbf - A brute force program to test weak accounts configured to access a JMX Registry

Released as open source by NCC Group Plc - http://www.nccgroup.com/

Developed by Daniele Costa, daniele [dot] costa [at] nccgroup [dot] trust

http://www.github.com/nccgroup/jmxbf

Released under AGPL see LICENSE for more information

$>Usage: 
java -jar jmxbf.jar
	-h,--host <arg>              The JMX server IP address.
	-p,--port <arg>              The JMX server listening port.
	-pf,--passwords-file <arg>   File including the passwords, one per line.
    -uf,--usernames-file <arg>   File including the usernames, one per line.

Example:
   
$>java –jar jmxbf.jar –h 192.168.20.1 –p 1099 –uf usernames.txt –pf passwords.txt

Some samp;e output below:

$>java –jar jmxbf.jar –h 192.168.20.1 –p 1099 –uf usernames.txt –pf passwords.txt

Auth failed!!!

Auth failed!!!

Auth failed!!!

. . . 

Auth failed!!!

Auth failed!!!


###SUCCESS### - We got a valid connection for: control:supersecretpwd

Found some valid credentials - continuing brute force
....

###SUCCESS### - We got a valid connection for: monitor:monitor


Found some valid credentials - continuing brute force
Auth failed!!!

Auth failed!!!

Auth failed!!!

Auth failed!!!

. . . 

Auth failed!!!

Auth failed!!!

Auth failed!!!

The following valid credentials were found:


control:supersecretpwd

monitor:monitor

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
LICENSE.md		LICENSE.md
README.md		README.md
jmxbf.jar		jmxbf.jar
jmxbf.java		jmxbf.java

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Releases

Packages

Languages

License

nccgroup/jmxbf

Folders and files

Latest commit

History

Repository files navigation

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages