[EzMe]

I am looking for a sshd bruteforcer. I found one on http://www.k-otik.com but somehow i can't get it compiled :/

http://www.k-otik.co...brutessh2.c.php

[ezme@anonymous ezme]$ gcc brutessh2.c
brutessh2.c:24:27: libssh/libssh.h: No such file or directory
brutessh2.c:25:25: libssh/sftp.h: No such file or directory
brutessh2.c:41: parse error before '*' token
brutessh2.c: In function `shell':
brutessh2.c:46: `BUFFER' undeclared (first use in this function)
brutessh2.c:46: (Each undeclared identifier is reported only once
brutessh2.c:46: for each function it appears in.)
brutessh2.c:46: `readbuf' undeclared (first use in this function)
brutessh2.c:50: `CHANNEL' undeclared (first use in this function)
brutessh2.c:50: `channel' undeclared (first use in this function)
brutessh2.c:51: `session' undeclared (first use in this function)
brutessh2.c: In function `checkauth':
brutessh2.c:83: `SSH_SESSION' undeclared (first use in this function)
brutessh2.c:83: `session' undeclared (first use in this function)
brutessh2.c:84: `SSH_OPTIONS' undeclared (first use in this function)
brutessh2.c:84: `options' undeclared (first use in this function)
brutessh2.c:103: `AUTH_SUCCESS' undeclared (first use in this function)
[ezme@anonymous ezme]$

I'm pretty new to linux.. so I am willing to learn from it... Does somebody know how to fix it..? Or has somebody got an other scanner...? If so, I would like to take a look @ the source. Maybe there is a scanner that calls in a database of passwords?

Thank in advance..

Greats,

EzMe

[belgther]

which linux version are you using?
or are you sure that you have installed ssh libraries?
you can update/reinstall your c libraries (glibc)... but don't forget to search for the missing files given in the error log... because it looks like these files have to be there if not you have to reinstall glibc

[chrystalsky]

Well, try installing SSH and then try to recompile. It should work then.

[Tuned]

you can use the passwddump file to get the hashes

[EzMe]

belgther, on Nov 3 2004, 01:24 PM, said:

which linux version are you using?
or are you sure that you have installed ssh libraries?
you can update/reinstall your c libraries (glibc)... but don't forget to search for the missing files given in the error log... because it looks like these files have to be there if not you have to reinstall glibc

<{POST_SNAPBACK}>

I was using RH9.0. Just had a major crash and hat to reinstall. Got Fedora Core 2 running now...

Im gonna try ur tips tnx :)

chrystalsky, on Nov 3 2004, 08:48 PM, said:

Well, try installing SSH and then try to recompile. It should work then.

<{POST_SNAPBACK}>

Allready had sshd running :/

[13055]

The packet u need is called libssh.

I think u will find it with ur packet management system

[d3rm03p3r]

i'm not using rh, but it could also show up under ssh-devel... good luck

[EzMe]

OK.. got it allmost sorted..

[ezme@localhost ezme]$ gcc -o brutessh2 brutessh2.c
brutessh2.c: In function `shell':
brutessh2.c:44: error: dereferencing pointer to incomplete type
[ezme@localhost ezme]$

Haven't got any clue.... :/


[edit] Got it compiled with cpp now.. it works.. tnx for the reply's :) [/edit]

[hks-3207]

[quote=EzMe,Nov 3 2004, 03:41 AM]
I am looking for a sshd bruteforcer. I found one on http://www.k-otik.com but somehow i can't get it compiled :/

http://www.k-otik.co...brutessh2.c.php

[ezme@anonymous ezme]$ gcc brutessh2.c
brutessh2.c:24:27: libssh/libssh.h: No such file or directory
brutessh2.c:25:25: libssh/sftp.h: No such file or directory

Well man, first of all is that u need those libraries, then u need to try to compile it again

[[_-ViCiOuS-_]]

?
its easy to compile this :D
download libssh
unpack and install libssh(hope you know how to :D )
then
<updatedb>
locate libssh.so
cp path/libssh.so /usr/lib/
gcc sshblaster2.c -o sshblaster2 -lssh

I don�t know why so many guys have troubles to compile that

[Planquadrat]

last night me was boring and i wanted to test this brutssh on my sshd. i add my root login "checkauth("root","MYPASSWD",buff); " in the source and compile it without any problems. after than i've execute this one to get more infos how todo.

booster:~ >./brut
./bigssh <sship.txt>
by Zorg

now, i've stored my DNS IP , localhost in a sship.txt an exec. it again but nothing happen:

booster:~ >./brut sship.txt
nu pot deschide sship.txt <--- whatz that ???

what i've done wrong ? how must look sship.txt or is this brutssh only a fake and dosent really work.

[thomas2342]

see the source, luke.

[fulvioo]

Ok, bruteforce is lame.
This is a brazilian made script tested on slackware that blocks IPs that tried to bruteforce your computer using such scripts by iptables.

(I found interesting to put this code on this post) :P

#!/bin/sh
# Desenvolvido por Jos� Roberto da Silva
# Testado no slackware 9 e 10.
#
####

tempip="/etc/rc.d/scripts/temp/blocked-ips.tmp";
blockip="/etc/rc.d/scripts/temp/blocked-ips";
script="/etc/rc.d/scripts/temp/fir_blocked";

# take all the IP that tried to bruteforce the users: guest/teste/admin (edit for your needs)

cat -n /var/log/messages | grep -P "(guest|test|admin|user)" | grep -i sshd | awk -F" " '{ print $11}' > $tempip;

# make a backupfaz of the blocked ips
if [ -f $blockip ]; then
 � cat $blockip >> $tempip; � � � � � �
fi

# remove double ips
sort -u $tempip | grep -v ^$ | grep -v user > $blockip;

# generates a script that blocks the IP trhough iptables
ips=$(cat $blockip); 
echo "iptables -F INPUT" > $script;
for ip in $ips; do
 �blocked=("iptables -A INPUT -s $ip -j DROP")
 �echo $blocked >> $script
done
chmod +x $script
$script

[buzzons]

personaly, i think the problem is that hes running Fedora :P and not gentoo.. when will people learn ^_^