SSH is an acronym for Secure Socket sHell, which provides a secure connection access to a remote machine.
By using this SSH Bruteforce tool, you can test security stuff like iptables, sshguard or fail2ban to see whether the rules or policy that have been set working or not. You also able to see the procedure of real hacking attempt.
Like most of brute forcing tools, first you’ll need a big passlist. You can get one from here:
Get SSHBrute python script:
To get it to work you will need this packages:
For Mac OS X user, this is the requirement:
- Xcode 4.3 (App Store link) or later installed including Command Line Tools or install GCC and Command Line Tools without Xcode
- Get Paramiko 1.7.7.2+ (or whatever the newest version is), this package includes PyCrypto
Download Paramiko at here:
Then, unzip the Paramiko archive and go to that directory:
Type the following command to start installing:
After that, unzip SSHBrute:
Go to SSHBrute directory:
To start the script, run this command:
The parameter:
-h = hostname/IP address
-u = username/username list
-d = password list
This is how the tool works:
I tried
gh0st:brutessh zer0$ python brutessh.py -h IP_ADDRESS -u USER -d passlist.txt
and it didn’t work. I had to use
python brutessh.py -h IP_ADDRESS -u USER -d passlist.txt
hope this helps other people