Looking For A Sshd Bruteforcer

Full Version: Looking For A Sshd Bruteforcer

GovernmentSecurity.org > System Security > Linux & Unix Systems

EzMe

Nov 3 2004, 10:41 AM

I am looking for a sshd bruteforcer. I found one on http://www.k-otik.com but somehow i can't get it compiled :/

http://www.k-otik.com/exploits/08202004.brutessh2.c.php

CODE

[ezme@anonymous ezme]$ gcc brutessh2.c
brutessh2.c:24:27: libssh/libssh.h: No such file or directory
brutessh2.c:25:25: libssh/sftp.h: No such file or directory
brutessh2.c:41: parse error before '*' token
brutessh2.c: In function `shell':
brutessh2.c:46: `BUFFER' undeclared (first use in this function)
brutessh2.c:46: (Each undeclared identifier is reported only once
brutessh2.c:46: for each function it appears in.)
brutessh2.c:46: `readbuf' undeclared (first use in this function)
brutessh2.c:50: `CHANNEL' undeclared (first use in this function)
brutessh2.c:50: `channel' undeclared (first use in this function)
brutessh2.c:51: `session' undeclared (first use in this function)
brutessh2.c: In function `checkauth':
brutessh2.c:83: `SSH_SESSION' undeclared (first use in this function)
brutessh2.c:83: `session' undeclared (first use in this function)
brutessh2.c:84: `SSH_OPTIONS' undeclared (first use in this function)
brutessh2.c:84: `options' undeclared (first use in this function)
brutessh2.c:103: `AUTH_SUCCESS' undeclared (first use in this function)
[ezme@anonymous ezme]$

I'm pretty new to linux.. so I am willing to learn from it... Does somebody know how to fix it..? Or has somebody got an other scanner...? If so, I would like to take a look @ the source. Maybe there is a scanner that calls in a database of passwords?

Thank in advance..

Greats,

EzMe

belgther

Nov 3 2004, 01:24 PM

which linux version are you using?
or are you sure that you have installed ssh libraries?
you can update/reinstall your c libraries (glibc)... but don't forget to search for the missing files given in the error log... because it looks like these files have to be there if not you have to reinstall glibc

chrystalsky

Nov 3 2004, 08:48 PM

Well, try installing SSH and then try to recompile. It should work then.

Tuned

Nov 3 2004, 10:42 PM

you can use the passwddump file to get the hashes

EzMe

Nov 4 2004, 03:07 AM

QUOTE(belgther @ Nov 3 2004, 01:24 PM)

I was using RH9.0. Just had a major crash and hat to reinstall. Got Fedora Core 2 running now...

Im gonna try ur tips tnx

QUOTE(chrystalsky @ Nov 3 2004, 08:48 PM)

Well, try installing SSH and then try to recompile. It should work then.

Allready had sshd running :/

13055

Nov 4 2004, 01:37 PM

The packet u need is called libssh.

I think u will find it with ur packet management system

d3rm03p3r

Nov 4 2004, 02:28 PM

i'm not using rh, but it could also show up under ssh-devel... good luck

EzMe

Nov 8 2004, 03:22 PM

OK.. got it allmost sorted..

CODE

[ezme@localhost ezme]$ gcc -o brutessh2 brutessh2.c
brutessh2.c: In function `shell':
brutessh2.c:44: error: dereferencing pointer to incomplete type
[ezme@localhost ezme]$

Haven't got any clue.... :/

[edit] Got it compiled with cpp now.. it works.. tnx for the reply's

[/edit]

hks-3207

Nov 11 2004, 03:51 PM

[quote=EzMe,Nov 3 2004, 03:41 AM]
I am looking for a sshd bruteforcer. I found one on http://www.k-otik.com but somehow i can't get it compiled :/

http://www.k-otik.com/exploits/08202004.brutessh2.c.php

CODE

[ezme@anonymous ezme]$ gcc brutessh2.c
brutessh2.c:24:27: libssh/libssh.h: No such file or directory
brutessh2.c:25:25: libssh/sftp.h: No such file or directory

Well man, first of all is that u need those libraries, then u need to try to compile it again

[_-ViCiOuS-_]

Dec 17 2004, 03:02 PM

?
its easy to compile this

download libssh
unpack and install libssh(hope you know how to

)
then
<updatedb>
locate libssh.so
cp path/libssh.so /usr/lib/
gcc sshblaster2.c -o sshblaster2 -lssh

I don´t know why so many guys have troubles to compile that

_celso_

Dec 31 2004, 02:59 AM

libssh is available at http://www.0xbadc0de.be/libssh/ just untar (and ./configure make install) libssh in the same dir (it will create libssh dir) as sshbruteforce and it will compile ok.

Planquadrat

Jan 15 2005, 12:31 PM

last night me was boring and i wanted to test this brutssh on my sshd. i add my root login "checkauth("root","MYPASSWD",buff); " in the source and compile it without any problems. after than i've execute this one to get more infos how todo.

booster:~ >./brut
./bigssh <sship.txt>
by Zorg

now, i've stored my DNS IP , localhost in a sship.txt an exec. it again but nothing happen:

booster:~ >./brut sship.txt
nu pot deschide sship.txt <--- whatz that ???

what i've done wrong ? how must look sship.txt or is this brutssh only a fake and dosent really work.

thomas2342

Jan 16 2005, 11:57 AM

see the source, luke.

fulvioo

Jan 16 2005, 02:39 PM

Ok, bruteforce is lame.
This is a brazilian made script tested on slackware that blocks IPs that tried to bruteforce your computer using such scripts by iptables.

(I found interesting to put this code on this post) :P

CODE

#!/bin/sh
# Desenvolvido por José Roberto da Silva
# Testado no slackware 9 e 10.
#
####

tempip="/etc/rc.d/scripts/temp/blocked-ips.tmp";
blockip="/etc/rc.d/scripts/temp/blocked-ips";
script="/etc/rc.d/scripts/temp/fir_blocked";

# take all the IP that tried to bruteforce the users: guest/teste/admin (edit for your needs)

cat -n /var/log/messages | grep -P "(guest|test|admin|user)" | grep -i sshd | awk -F" " '{ print $11}' > $tempip;

# make a backupfaz of the blocked ips
if [ -f $blockip ]; then
cat $blockip >> $tempip;
fi

# remove double ips
sort -u $tempip | grep -v ^$ | grep -v user > $blockip;

# generates a script that blocks the IP trhough iptables
ips=$(cat $blockip);
echo "iptables -F INPUT" > $script;
for ip in $ips; do
blocked=("iptables -A INPUT -s $ip -j DROP")
echo $blocked >> $script
done
chmod +x $script
$script

buzzons

Jan 16 2005, 06:36 PM

personaly, i think the problem is that hes running Fedora

and not gentoo.. when will people learn

[_-ViCiOuS-_]

Jan 17 2005, 07:24 PM

i know that bruteforce is lame
it is realy funny that this bruteforcer was bei k-otik under exploits

do you know a new sshd exploit? x6 doesn´t work at all

duchp

Feb 6 2005, 12:58 PM

try to wget this tool at turbob.go.ro/TurboB.tgz
then type tar zxvf TurboB.tgz; cd ssh; ./assh ip

Don`t have to compile anymore ... Have fun ... However I didn't use it anymorE ... so boring

But if you like it ,,, try

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.