IISbf - IIS BruteForcer
-----------------------
by TheDarkRaver

Brute your way into IIS Webservers!

IISbf is an HTTP Authentication cracker. It's a tool that launchs an online
dictionary attack to test for weak or simple passwords against protected areas
on an IIS Webserver.

This tools is designed an optimized for obtaining maximum speed in the attack 
against IIS Webservers. You can use it against other Servers like Apache o 
Zeus, but you won't get the full efficiency.


Features
--------

- Connections supported: HTTP, HTTPS(SSL)

- Authentications supported: Basic, NTLM

- HTTP Methods supported: GET, HEAD, POST, PUT, PROPFIND

- Multithreaded

- Custom POST data


Why IIS?
---------

The HTTP/1.1 Basic Authentication implementation of IIS allows probing a high 
number of user and password combinations per second.

NTLM is slower to crack but most IIS servers have only NTLM authentication 
avaliable. Anyway you can speed up your scan with multiple threads.


Usage
-----

$ ./iisbf.exe
IISbf Starting...

USAGE: ./iisbf <URL> [-X method -u user -t number -N -f file -d post]

OPTIONS:
 -X <method> : Specify HTTP request method to use. (Default: GET)
 -u <username> : User to bruteforce. (Default: administrator)
 -t <number>: Thread number.(Default: 1 / Max: 360)
 -N : Use NTLM authentication.
 -f <filename> : Dictionary file. (Default: dict/dict.txt)
 -d <post> : Send HTTP POST data.

EXAMPLES:
./iisbf http://www.site.com/
./iisbf http://www.site.com/protected-directory/
./iisbf https://www.ssl-site.com/
 

Example
-------

$ ./iisbf.exe http://192.168.0.200/auth-test/ -u pepe -f dict/bigdict.txt
IISbf Starting...

+ USER: pepe
+ FILE: dict/bigdict.txt

WORDS: 1448145

Connecting: 0

FOUND!!

==> USER: pepe - PASS: abaco

POSITION: 199090 (CODE: 200)

SENT_WORDS: 199922
ELAPSED_TIME: 115
WORDS/SEC: 1738
--END


In a LAN environment:

3 600 * 24 * 1 738 = 150 163 200
26 ^ 6 = 308 915 776 -> aprox 2 Days


Recommended Thread Number
-------------------------

Basic-LAN: 1

Basic-Internet: 10

NTLM-LAN: 360

NTLM-Internet: 100
