BRUTEFORCE (II): ATTACKING AN SSH SERVER WITH BRUTER
- Layout for this exercise:

- This exercise is based on the previous one:
http://www.whitelist1.com/2018/04/bruteforce-i-attacking-ftp-server-with.html
1 - Setting up an SSH server
- Downloading the freeSSHd server to the victim Windows 10:

- Running the executable:



- Going to the SSH server Settings:

- Starting the SSH server on the victim side Windows 10:

- Adding a user admin and a simple password (123):

- Finally the SSH server is up and running:

- Checking that the SSH service works for the user admin:



2 - Bruteforcing the SSH server
- From the attacker machine Windows 7, checking that port 22 is open on the victim Windows 10 (192.168.1.6):

- Running Bruter.exe from the attacker against the SSH server (IP 192.168.1.6, port 22):

2.1) Dictionary
- Taking the Dictionary option, and browsing for a wordlist:


- Starting the attack:

- The attack is successful and the password (123) is revealed:

2.2) Brute force
- Choosing Brute force, setting options for the Charset and the length of the password:


- Starting the attack:

- Finally the attack is successful because the password (123) is revealed:

- The password was deliberately chosen to be simple because the purpose of this exercise was just to demonstrate how to operate the Bruter tool.
- For more complex passwords Bruter has a wide range of predefined Charsets with a greater number of characters, in addition to the possibility of decreasing the Min_Len parameter and increasing Max_Len.
- Obviously, the disadvantage would lie in the slowness of the attack, in addition to the greater amount of resources needed to implement it.
