Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Full Disclosure: Full-Disclosure

SSHatter 0.6

  

 
Full Disclosure full-disclosure RSS feed   Index | Next | Previous | View Threaded


timb at nth-dimension

Oct 6, 2007, 8:53 AM

Post #1 of 5 (714 views)
Permalink
SSHatter 0.6
All,

SSHatter, the SSH brute forcer is now up to release 0.6. New since the last
announcement include:

* Changes allowing rudimentary username enumeration via timing attacks (as
described in
http://www.securityfocus.com/archive/1/archive/1/448025/100/0/threaded) have
been implemented. These changes has been validated against OpenSSH 3.5p1.

* Targets and usernames are now specified in a file and targets can now be
specified one per line in the format <hostname>[:<portnumber>].

* Reconnection can optionally be enabled where support on connection failures
have occurred.

* A default passwords list (taken from
http://www.nth-dimension.org.uk/downloads.php?id=30) has also been added.

* Fixes for systems configured with AllowUsers have added as these systems do
not return "Permission denied" on Net::SSH::Perl->login().

This latest version can be downloaded from
http://www.nth-dimension.org.uk/downloads.php?id=34.

Remember, auditing systems without permission may be a crime, always read the
label.

Tim
--
Tim Brown
<mailto:timb[at]nth-dimension.org.uk>
<http://www.nth-dimension.org.uk/>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


full-disclosure at hushmail

Oct 7, 2007, 7:39 AM

Post #2 of 5 (660 views)
Permalink
Re: SSHatter 0.6 [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This tools seems useless.

On Sat, 06 Oct 2007 11:53:30 -0400 Tim Brown <timb[at]nth-
dimension.org.uk> wrote:
>All,
>
>SSHatter, the SSH brute forcer is now up to release 0.6. New
>since the last
>announcement include:
>
>* Changes allowing rudimentary username enumeration via timing
>attacks (as
>described in
>http://www.securityfocus.com/archive/1/archive/1/448025/100/0/threa
>ded) have
>been implemented. These changes has been validated against
>OpenSSH 3.5p1.
>
>* Targets and usernames are now specified in a file and targets
>can now be
>specified one per line in the format <hostname>[:<portnumber>].
>
>* Reconnection can optionally be enabled where support on
>connection failures
>have occurred.
>
>* A default passwords list (taken from
>http://www.nth-dimension.org.uk/downloads.php?id=30) has also been
>added.
>
>* Fixes for systems configured with AllowUsers have added as these
>systems do
>not return "Permission denied" on Net::SSH::Perl->login().
>
>This latest version can be downloaded from
>http://www.nth-dimension.org.uk/downloads.php?id=34.
>
>Remember, auditing systems without permission may be a crime,
>always read the
>label.
>
>Tim
>--
>Tim Brown
><mailto:timb[at]nth-dimension.org.uk>
><http://www.nth-dimension.org.uk/>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5

wpwEAQECAAYFAkcI76wACgkQ+dWaEhErNvSKMgP/Wdbi++Go+XYTWHPx3MT74qPyha/t
xSv8IMyt6zvck+h44OPeKMEQAT0Z0beMVs2b1WZd1MdcBKjV5eL+BR//bf1uvbPzlO6n
IqV2qETwAMDb65TvOH3Eta4t3Mvf0MokFOMrIMVGN0bENcHIOWkApU7myfB1HJBlPJLh
ajfUYTI=
=66BE
-----END PGP SIGNATURE-----

--
Take a perfect family vacation to Orlando. Click Here.
http://tagline.hushmail.com/fc/Ioyw6h4eQYIF65eSQFBVR6wwgXlRkYwvCKN6EgiDiF407FG2t8YUK8/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


phioust at gmail

Oct 7, 2007, 12:23 PM

Post #3 of 5 (656 views)
Permalink
Re: SSHatter 0.6 [In reply to]
Who does a tool like this help?

I would hope that the professionals on this list would not rely on weak
password combinations for access into systems.
That leads me to believe that this will only help script kiddies and flood
my ssh logs with more root:root and mysql:mysql failed ssh attempts.

On top of that your idea is not original all you did was rip the sshbrute of
the great tal0n [1]

I would hope for now on that you do not flood the list with such script
kiddie tools and reserve them instead for the milw0rm crowd

[1] http://www.encyclopediadramatica.com/Tal0n


ghosts at gmail

Oct 7, 2007, 3:44 PM

Post #4 of 5 (657 views)
Permalink
Re: SSHatter 0.6 [In reply to]
Professionals don't care about finding elegant ways into systems,
they're there to GET into systems. Rethink your assessment.

On 10/7/07, phioust <phioust[at]gmail.com> wrote:
> Who does a tool like this help?
>
> I would hope that the professionals on this list would not rely on weak
> password combinations for access into systems.
> That leads me to believe that this will only help script kiddies and flood
> my ssh logs with more root:root and mysql:mysql failed ssh attempts.
>
> On top of that your idea is not original all you did was rip the sshbrute of
> the great tal0n [1]
>
> I would hope for now on that you do not flood the list with such script
> kiddie tools and reserve them instead for the milw0rm crowd
>
> [1] http://www.encyclopediadramatica.com/Tal0n
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


hdw at kallisti

Oct 7, 2007, 3:50 PM

Post #5 of 5 (665 views)
Permalink
Re: SSHatter 0.6 [In reply to]
phioust wrote:
> Who does a tool like this help?
>
> I would hope that the professionals on this list would not rely on weak
> password combinations for access into systems.
Several of those professionals have to administer or otherwise deal with
systems, admins and users who are not as enlighted.

There are better tools, but don't dismiss tools based on the assumption
that people are to 'smart to fall for that'.

One of the biggest problems is that the generic admin/user isn't.

> That leads me to believe that this will only help script kiddies and
> flood my ssh logs with more root:root and mysql:mysql failed ssh attempts.
There are several good tools to get rid of that.

Just drop unwanted bruteforce scans in a nice 'block drop' hole.
You'll never see them again.
--
// hdw

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Full Disclosure full-disclosure RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.