top of page

BED - Bruteforce Exploit Detector

BED is a plain-text protocol fuzzer that stands for Bruteforce Exploit Detector. Bed checks software for common vulnerabilities like buffer overflows, format string bugs, integer overflows, etc.


It automatically tests the implementation of a chosen protocol by sending different combinations of commands with problematic strings to confuse the target. The protocols supported by this tool are: finger, ftp, http, imap, irc, lpd, pjl, pop, smtp, socks4 and socks5.


BED comes pre-installed with our Kali Linux system. It is too easy to use so our article will be brief. So lets start:


As we mentioned BED comes pre-installed with Kali Linux so check with the help of BED. To do so we need to run following command on our terminal:

bed -h

After that we can see the help of BED tool, as we can see on the screenshot below.



In the help section (above screenshot) we clearly can see the basic use example of BED. We need to use -s flag to scan, then we need to choose <plugin>, then we need to specify our target (IP address) by using -t flag, then we need to specify our port using -p flag, at last we need to set our timeout by using -o flag.


Let's see an example of this, we have an localhost http server on port 80 we try to find vulnerabilities on it by using BED. So our command will be as following:

bed -s HTTP -t 127.9.0.1 -p 80 -o 10

The above command will start testing for vulnerabilities on our target (127.9.0.1) as we can see in the following screenshot:



If it got any vulnerability then it will show us by showing errors.

This is how we can use BED fuzzer on our Kali Linux system.

10 views0 comments

Recent Posts

See All

Comments


©2022 www.theblackthreat.in All right reserved.
bottom of page