5t19
Posted June 8, 2017

Hey, I'm reading the book Metasploit: The Penetration Tester's Guide, and in it the author mentions that in general you should not set the THREADS value in Metasploit to more than 16 on Windows machines and more than 128 on UNIX-style machines. I'm just curious as to why, and also why so little on Windows? Later in the book the author also uses 255 threads for a port scan. Thanks

Lord_KamOS
Posted June 8, 2017 (edited June 8, 2017 by Lord_KamOS)

Technically you can create as many threads as you want, but you can't use as much memory as you want. I do not know why the book recommends 16 and 128 threads; my guess is that things can't get unstable and crash if you create too many. And the recommended amount of threads comes from experience.

zenware
Posted July 4, 2017

It would be cool if you contacted the author to find out why they gave those recommendations and then shared their response.

digip
Posted July 4, 2017

I don't exactly know the answer to the book, but IIRC the Windows network stack can only handle so many threads at once, and the rest queue up or get ignored, possibly even cause DoS on the machine. Don't quote me on that. Browsers, for example, can use more than one thread for a web page download, and most do 4 at a time by default. Older Opera browsers had a setting you could change manually. Too many, and things stopped working. Windows XP was worse with this and had a limit, I think, of 10 simultaneous network threads, but again, I could be mistaken. This being "network" and not CPU threads, that is, for simultaneous connections to the machine.

i8igmac
Posted July 21, 2017

I have used 255 threads on ssh_brute. I ran into a problem with the msf database being unable to handle this many threads. So I tried to incorporate thread pooling with puma. I didn't spend enough time tweaking for optimal performance, but it was a fun learning experience.

digip
Posted July 21, 2017

SSH bruting is a slow process; generally only send a few at a time, or single-threaded with a really good password file. You will just get locked out or banned in most cases, and more threads won't actually help at all in this case. For things that don't block after a certain number of tries, like HTTP basic auth or FTP, you can get away with more, but even then, you can get false positives if you try too many too fast.

i8igmac
Posted July 21, 2017

8 hours ago, digip said:
> SSH bruting is a slow process; generally only send a few at a time, or single-threaded with a really good password file. You will just get locked out or banned in most cases, and more threads won't actually help at all in this case. For things that don't block after a certain number of tries, like HTTP basic auth or FTP, you can get away with more, but even then, you can get false positives if you try too many too fast.

This is true; in this case I was focused on devices that have minimal security.

digip
Posted July 21, 2017 (edited July 21, 2017 by digip)

2 hours ago, i8igmac said:
> This is true; in this case I was focused on devices that have minimal security.

Yeah, when I'm doing a CTF on my home lab network, I'm OK with hammering away with hydra or any other attacks like that and throwing the kitchen sink at it. SSH usually works best with a single thread though, in my experience, and most of the ones I've cracked were because wordlists of passwords were from scraped data on the CTF pages themselves that were reused as passwords on the server for specific users.