Metasploit Amount of Threads


5t19

Hey, I'm reading a book, Metasploit: The Penetration Tester's Guide, and in it the author mentions that in general you should not set the THREADS value in Metasploit to more than 16 on Windows machines and more than 128 on UNIX-style machines. I'm just curious as to why, and also why so little on Windows? Later in the book the author also uses 255 threads for a port scan.

Thanks


Technically you can create as many threads as you want, but you can't use as much memory as you want. I do not know why the book recommends 16 and 128 threads; my guess is that things can't get unstable and crash if you create too many. And the recommended amount of threads comes from experience.

Edited by Lord_KamOS

  • 4 weeks later...

I don't exactly know the answer to the book, but IIRC the Windows network stack can only handle so many threads at once, and the rest queue up or get ignored, possibly even cause a DoS on the machine. Don't quote me on that. Browsers, for example, can use more than one thread for a web page download, and most do 4 at a time by default. Older Opera browsers had a setting you could change manually. Too many, and things stopped working. Windows XP was worse with this and had a limit, I think, of 10 simultaneous network threads, but again, I could be mistaken. This being "network" and not CPU threads, that is, for simultaneous connections to the machine.


  • 3 weeks later...

I have used 255 threads on ssh_brute. I ran into a problem with the msf database being unable to handle this many threads. So I tried to incorporate thread pooling with puma.

I didn't spend enough time tweaking for optimal performance, but it was a fun learning experience.


SSH bruting is a slow process, generally only send a few at a time or single threaded with a really good password file. You will just get locked out or banned in most cases, and the more threads won't actually help at all in this case. For things that don't block after a certain number of tries, like http basic auth or ftp, then you can get away with more, but even then, you can get false positives if you try too many too fast.


8 hours ago, digip said:

SSH bruting is a slow process, generally only send a few at a time or single threaded with a really good password file. You will just get locked out or banned in most cases, and the more threads won't actually help at all in this case. For things that don't block after a certain number of tries, like http basic auth or ftp, then you can get away with more, but even then, you can get false positives if you try too many too fast.

This is true, in this case I was focused on devices that have minimal security.


2 hours ago, i8igmac said:

This is true, in this case I was focused on devices that have minimal security.

Yeah, when I'm doing a CTF on my home lab network, I'm OK with hammering away with hydra or any other attacks like that and throwing the kitchen sink at it. SSH usually works best with a single thread though, in my experience, and most of the ones I've cracked were because the wordlists of passwords were from scraped data on the CTF pages themselves that were reused as passwords on the server for specific users.

Edited by digip
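
The server side of the lockouts and bans mentioned in this thread, as an added example that is not part of any post: a sliding-window count of failed SSH logins per source address, run over constructed sshd log lines. The threshold of 5 failures in 60 seconds, the ISO timestamp prefix and the function names are assumptions for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH's "Failed password" format (not from a real host).
SAMPLE_LOG = """\
2024-03-03T10:15:00 gw sshd[2101]: Failed password for root from 203.0.113.7 port 40001 ssh2
2024-03-03T10:15:00 gw sshd[2102]: Failed password for root from 203.0.113.7 port 40002 ssh2
2024-03-03T10:15:01 gw sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40003 ssh2
2024-03-03T10:15:01 gw sshd[2104]: Failed password for invalid user pi from 203.0.113.7 port 40004 ssh2
2024-03-03T10:15:02 gw sshd[2105]: Failed password for root from 203.0.113.7 port 40005 ssh2
2024-03-03T10:16:10 gw sshd[2110]: Failed password for alice from 198.51.100.20 port 51515 ssh2
2024-03-03T10:16:25 gw sshd[2111]: Accepted password for alice from 198.51.100.20 port 51516 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_bursts(log_text, max_failures=5, window=timedelta(seconds=60)):
    """Return {ip: time it first reached max_failures failures inside window}."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # accepted logins and unrelated lines are ignored
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures and m["ip"] not in flagged:
            flagged[m["ip"]] = ts
    return flagged

def distinct_users(log_text, ip):
    """Usernames tried from one source; several names points to guessing, not a typo."""
    return sorted({m["user"] for m in map(FAILED.match, log_text.splitlines())
                   if m and m["ip"] == ip})

if __name__ == "__main__":
    for ip, when in find_bursts(SAMPLE_LOG).items():
        print(ip, when.isoformat(), distinct_users(SAMPLE_LOG, ip))
```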