September 26, 2017

Feature Descriptions

Version: Open Source

Malware Checks

These are default user name and password combinations that are used by various malware. The application includes the combinations used by the Mirai bot and the Hajime worm, as well as those of various other nefarious programs.

Brute Force Functionality

The run-time password lists are highly optimized. They check only the minimum number of user name and password combinations for the list of malware discovered on the Internet, increasing efficiency.

Telnet Protocol Default Port Only

The open source version only scans for the telnet protocol on its default port, 23.

Specify Host/Network to Scan

This version allows the end-user to specify a network or host to test the password combinations against.

Version: Basic

File Parsing: Text, Nmap XML, Masscan XML Output*

This option allows the import of external data into the application for processing. Point the application to a directory and import multiple file types of various sizes, not just a single file. The feature allows IoT Crusher to process multiple independent scans from other applications/jobs/sessions at once.

Run Alternative Telnet Ports

Run IoT Crusher attacks against telnet on a port other than 23. This manual override allows the end-user to test specific ports. If this switch isn’t used, or the imported data doesn’t specify an alternative port, the default port of 23 is used.
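An added example (not IoT Crusher's code) of the import step described above: it reads one Nmap XML report and lists the open Telnet, FTP and VNC services, flagging any on a non-standard port, which gives defenders an inventory of exposed remote-login services to close or re-credential. The function name, output fields and sample report are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Protocols named on this page, mapped to their standard ports.
DEFAULT_PORTS = {"telnet": 23, "ftp": 21, "vnc": 5900}

# Constructed sample in Nmap's -oX layout (documentation addresses only).
SAMPLE_NMAP_XML = """<nmaprun>
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
 <ports>
  <port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
  <port protocol="tcp" portid="2323"><state state="open"/><service name="telnet"/></port>
  <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
 </ports></host>
<host><status state="up"/><address addr="192.0.2.20" addrtype="ipv4"/>
 <ports>
  <port protocol="tcp" portid="21"><state state="closed"/><service name="ftp"/></port>
  <port protocol="tcp" portid="5900"><state state="open"/></port>
 </ports></host>
<host><status state="down"/><address addr="192.0.2.30" addrtype="ipv4"/></host>
</nmaprun>"""


def exposed_services(xml_text, wanted=DEFAULT_PORTS):
    """Return open Telnet/FTP/VNC services found in one Nmap XML report."""
    findings = []
    # Parse only reports you generated; use a hardened parser for untrusted XML.
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is not None and status.get("state") != "up":
            continue
        addr = next((a.get("addr") for a in host.findall("address")
                     if a.get("addrtype") in ("ipv4", "ipv6")), None)
        for port in host.iterfind("ports/port"):
            state = port.find("state")
            if addr is None or state is None or state.get("state") != "open":
                continue
            portid = int(port.get("portid"))
            svc = port.find("service")
            name = svc.get("name") if svc is not None else None
            if name not in wanted:
                # No usable service label: fall back to the standard port number.
                name = next((n for n, p in wanted.items() if p == portid), None)
            if name:
                findings.append({"host": addr, "port": portid, "service": name,
                                 "nonstandard_port": portid != wanted[name]})
    return findings


if __name__ == "__main__":
    for f in exposed_services(SAMPLE_NMAP_XML):
        print(f)
```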

Multi-Threaded Execution Checking

Multi-threading allows for testing of multiple hosts at one time with minimal impact to your environment. Increasing the threads has little to no performance impact on your workstation or server. Easily switch back to single threaded mode if desired.

Change Number of Execution Threads

Select up to 50 threads to be run concurrently for any particular scan. The default is 15 hosts at once. The thread range is from 1 to 50 to suit the needs of the environment, providing the flexibility you need.

Over 9000 Devices Supported including IoT, Point of Sale, Medical

Currently IoT Crusher has the default credentials for over 9000 devices bundled into useful categories. As of 2017 there are 16 categories: Camera, Database, Desktop Application, IPPhone, IoT, Malware, Medical, Modem, NAS, POS, Printer, Router, Storage, Switch, UPS, WebApp.

User Name and Password Optimization

Password lists are optimized in brute force mode so that the minimum number of attempts is required.

Command Builder

Hate the command line? Use this option to generate a GUI to help build your command line string with ease. Simply copy and paste from the GUI to the command line so that even users who rarely use the command prompt can run IoT Crusher.

Auto-Update User Name and Passwords Functionality

Update the combinations of user names and passwords with this useful switch.

Auto-Update Application Functionality

Update the core application automatically with this option. Get our regularly updated IoT Crusher version as soon as it’s available.

License Key Needed and EULA Agreement

Each authorized copy of IoT Crusher will need a license key. The end user / organization must agree to the EULA to run the application. The license is per seat. A copy is needed per individual, per organization.

Application Obfuscated, Compiled, & Encrypted at Rest

The IoT Crusher build process customizes each build to the individual licensee. We obfuscate the code, compile it, and encrypt the application at rest. Object code is delivered to the licensee.

Test Only by Device Category for All Manufacturers, Products, and Malware

Streamline and optimize user name and password combinations by the kind of device category being tested. Test specifically for classes of devices such as Medical devices, Point of Sale devices, and known Malware combinations for a highly customized and efficient experience.

Version: Advanced

Want more than the premium features of IoT Crusher Basic? Our Advanced version has the feature set you need.


Device Identification and Credential Mapping

With imported scan data, automatically pair devices with user names and passwords for a specific IP address and port found on the network.

Anti-Brute Force Technology

Device identification keeps testing impact minimal. When possible, we make a single authentication call after pairing the default user name and password combination with the service on an IP address. This dramatically reduces the risk of account lockout, because a single password check is unlikely to lock an account that allows multiple attempts before lockout.

Multiple Protocols Supported

Our supported protocols are currently Telnet, FTP and VNC. We will rapidly add additional protocols in future versions, including a lightweight HTTP/HTTPS client.

Search and Test by Specific Device Name for Any Category, Combination of Manufacturers, Products, and Malware Available

Search by user-supplied input and combine parameters to select the makes, models, and categories specific to your environment. Even test for specific malware combinations to see if your environment is vulnerable.

Run in Basic Brute Force Mode Only

Don’t want to run the advanced mapping? This option allows you to run in brute force mode only.

Run in Advanced Mode Only

In Advanced mode, by default, the application does not brute force accounts. This option allows for no brute forcing and only single user name and password checks when the mapping is available.

Run Advanced and Brute Force Modes Concurrently

This option runs both mapped testing and brute forcing, a single time, for all devices and ports found.

* We do not distribute, execute, or incorporate code of either nmap or masscan