Brutus Aet2 is a program for brute force password recovery. It can work with the basic HTTP authentication system and HTML-formats, CGI (Common Gateway Interface) interface is also supported, in addition there is support for POP3 mail protocol and FTP file transfer protocol. Other protocols include NetBIOS, Telnet and IMAP.
The principle of Brutus is very simple: the program takes a couple of logins / passwords from the database (or one login and a few passwords, it can be specified in the settings) and tries to go under them to the site or service, if lucky, it saves the data that came up, and in case of server failure, changes the password and repeats the above procedure. If necessary, you can set the delay time between attempts. It is also possible to use multithreading mode (up to 60 simultaneous connections) to speed up the search for the required combination, but in this case there is a chance that the server will block the address from where the hack attempt is coming from. The speed of the program is quite high, however, it can take a long time to get access, in this case the current selection session can be paused and stored at the moment to further load and continue.
Brutus Aet2 can take data from two sources: a dictionary & mdash; a simple text file in which different combinations of code words are written, and a generator. In the latter case, you can specify the expected password size or select the characters that it can consist of.
Unfortunately, the program hasn't been updated for a long time (the last version was released in January 2000), but nowadays it can handle its tasks.
- the possibility to search for passwords in multithreaded mode;
- a built-in dictionary generator;
- the ability to save and download the session;
- support for most popular protocols;
- the ability to use a proxy;
- the possibility of restoring the session after a failure.