Port 22: Difference between revisions
Created page with "*If you have usernames test login with username:username *Vulnerable Versions to user enum: <7.7 *Enum SSH *Get version <syntaxhighlight lang="shell"> nmap 10.11.1.1 -p22 -sV </syntaxhighlight> *Get banner <syntaxhighlight lang="shell"> nc 10.11.1.1 22 </syntaxhighlight> *Get login banner <syntaxhighlight lang="shell"> ssh root@10.11.11.1 </syntaxhighlight> *Get algorithms supported <syntaxhighlight lang="shell"> nmap -p22 10.11.1.1 --script ssh2-enum-algos </syntax..." |
No edit summary |
| Line 89: | Line 89: | ||
*SSH FUZZ | *SSH FUZZ | ||
*https://dl.packetstormsecurity.net/fuzzer/sshfuzz.txt | **https://dl.packetstormsecurity.net/fuzzer/sshfuzz.txt | ||
*cpan Net::SSH2 | *cpan Net::SSH2 | ||
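Review bot: `*cpan Net::SSH2` at the end of this hunk stays a top-level bullet while the sshfuzz link above it is now nested under `*SSH FUZZ`, so the list reads as if installing Net::SSH2 were a separate topic. If it is the setup step for the fuzzer, nest it as `**cpan Net::SSH2` too, and consider wrapping it in `<syntaxhighlight lang="shell">` the way the user-enum command further down the page is.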
| Line 99: | Line 99: | ||
*SSH-AUDIT | *SSH-AUDIT | ||
*https://github.com/arthepsy/ssh-audit | **https://github.com/arthepsy/ssh-audit | ||
*Enum users < 7.7: | *Enum users < 7.7: | ||
*https://www.exploit-db.com/exploits/45233 | **https://www.exploit-db.com/exploits/45233 | ||
*https://github.com/CaioCGH/EP4-redes/blob/master/attacker/sshUsernameEnumExploit.py | **https://github.com/CaioCGH/EP4-redes/blob/master/attacker/sshUsernameEnumExploit.py | ||
<syntaxhighlight lang="shell"> | |||
python ssh_user_enum.py --port 2223 --userList /root/Downloads/users.txt IP 2>/dev/null | grep "is a" | |||
</syntaxhighlight> | |||
*SSH Leaks: | *SSH Leaks: | ||
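Review bot: the command in the `<syntaxhighlight>` block under `*Enum users < 7.7:` calls `ssh_user_enum.py`, but neither nested link uses that file name (one is exploit-db entry 45233, the other is `sshUsernameEnumExploit.py`), so a reader cannot tell which script the `--port` and `--userList` options belong to. Name the source of the script next to the command, mark `IP` as a placeholder for the target address, and state which product the `< 7.7` bound refers to, since the bullet gives only a version number.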