Today I will introduce you to a cracking tool called Super Weak Password Checker, which is developed by shack2, a well-known senior in the security field. This tool has been updated for several years and it is undeniable that it is a useful cracking tool that can improve the efficiency of our penetration testing.
First, download the Super Weak Password Checker tool.
git clone https://github.com/shack2/SNETCracker
After downloading, unzip and open the file.
The readme.txt and user manual files also provide some simple instructions for using the tool.
There are three folders in the tool's directory: configuration, dictionary, and log. In general, we don't need to modify the configuration. As for the dictionary, we can replace or add it according to our personal situation.
Let's open the graphical tool SENTCracker.exe and take a look.
It is clear at a glance and the design is very user-friendly. It is easy to use. It can be seen that this is a comprehensive checking tool that can scan multiple services and database weak passwords. We can select the services to be checked (multiple selections) in the left sidebar, fill in the IP address in the target field (directly enter the IP as shown in the figure, or enter an IP range such as 1.1.1.1-1.1.100.100, or import batch IP addresses), and choose to crack a single user or set our own account password (or import account and password segments) for checking and cracking. Everyone can choose according to their own situation. In general, there is no need to check "Automatically select password dictionary based on checked services". After the check and cracking is completed, the results will be displayed in the middle column, as shown in the above figure.
The tool is simple and easy to use, and the effect is very good. Therefore, I would like to thank shack2 for developing and providing this tool. I also recommend everyone to take a look at some of his other tools, which I believe can also be of great help to everyone.
Project address: