两款SSH爆破工具的介绍:hydra+medusa
一、Hydra
安装Hydra首先我们需要安装ssh组件 下载安装libssh:
?
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | wget http: //www .libssh.org /files/0 .4 /libssh-0 .4.8. tar .gz tar zxvf libssh-0.4.8. tar .gz cd libssh-0.4.8 mkdir build cd build cmake -DCMAKE_INSTALL_PREFIX= /usr -DCMAKE_BUILD_TYPE=Debug -DWITH_SSH1=ON .. make make install |
下载安装hydra
?
1 2 3 4 5 6 7 8 9 10 11 | wget http: //freeworld .thc.org /releases/hydra-6 .3-src. tar .gz tar zxf hydra-6.3-src. tar .gz cd hydra-6.3-src . /configure make make install |
使用 hydra 127.0.0.2 ssh -l root -P pass.txt // pass.txt为爆破字典 二、medusa wget <a href="http://www.foofus.net/jmk/tools/medusa-2.1.1.tar.gz">http://www.foofus.net/jmk/tools/medusa-2.1.1.tar.gz</a> tar -zxvf medusa-2.1.1.tar.gz cd medusa-2.1.1 ./configure make make install 安装完成,查看medusa目前支持哪些模块
?
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | root@ubuntu: /home/goderci/Desktop/tools/medusa-2 .1.1 # medusa -d Medusa v2.1.1 [http: //www .foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net< /a >> Available modules in "." : Available modules in "/usr/local/lib/medusa/modules" : + cvs.mod : Brute force module for CVS sessions : version 2.0 + <a href= "ftp://ftp.mod/" > ftp .mod< /a > : Brute force module for FTP /FTPS sessions : version 2.1 + imap.mod : Brute force module for IMAP sessions : version 2.0 + mysql.mod : Brute force module for MySQL sessions : version 2.0 + nntp.mod : Brute force module for NNTP sessions : version 2.0 + pcanywhere.mod : Brute force module for PcAnywhere sessions : version 2.0 + pop3.mod : Brute force module for POP3 sessions : version 2.0 + rexec.mod : Brute force module for REXEC sessions : version 2.0 + rlogin.mod : Brute force module for RLOGIN sessions : version 2.0 + rsh.mod : Brute force module for RSH sessions : version 2.0 + smtp-vrfy.mod : Brute force module for enumerating accounts via SMTP VRFY : version 2.0 + smtp.mod : Brute force module for SMTP Authentication with TLS : version 2.0 + snmp.mod : Brute force module for SNMP Community Strings : version 2.1 + ssh .mod : Couldn't load "/usr/local/lib/medusa/modules/ssh.mod" [ /usr/local/lib/medusa/modules/ssh .mod: file too short] + telnet.mod : Brute force module for telnet sessions : version 2.0 + vmauthd.mod : Brute force module for the VMware Authentication Daemon : version 2.0 + vnc.mod : Brute force module for VNC sessions : version 2.0 + wrapper.mod : Generic Wrapper Module : version 2.0 |
这里提醒注意一下: 虽然已安装了libssh但是找不到ssh路径,这需要我们手工添加一个。etc 目录 下面有一个 叫 ld.so.conf 的文件,指明 so 文件默认路径 ,一般的是 lib 和 usr lib ,编译出来的装在 usr local lib下了,所以要加一个,然后运行ldconfig,操作如下:
?
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | cat /etc/ld .so.conf include ld.so.conf.d/*.conf ls ld.so.conf.d/ echo /usr/local/lib > /etc/ld .so.conf.d /local .conf cat /etc/ld .so.conf.d/* /usr/local/lib /usr/lib/mysql /usr/lib/qt-3 .3 /lib ls -l /usr/local/lib/libssh * -rw-r--r-- 1 root root 752936 06-25 14:33 /usr/local/lib/libssh2 .a -rwxr-xr-x 1 root root 827 06-25 14:33 /usr/local/lib/libssh2 .la lrwxrwxrwx 1 root root 16 06-25 14:33 /usr/local/lib/libssh2 .so -> libssh2.s o.1.0.1 lrwxrwxrwx 1 root root 16 06-25 14:33 /usr/local/lib/libssh2 .so.1 -> libssh2 .so.1.0.1 -rwxr-xr-x 1 root root 494064 06-25 14:33 /usr/local/lib/libssh2 .so.1.0.1 ldconfig |
在重新安装一次medusa就行了:) 使用:
medusa -H ip.txt -u root -P p.txt -M ssh
转载自:http://www.2cto.com/article/201308/235377.html