Re: SSH bruteforce on its way...

Valdis.Kletnieks_at_vt.edu
Date: 10/25/05

  • Next message: Michael.Lang_at_jackal-net.at: "Re: SSH bruteforce on its way..."
    To: jouser@gmail.com
    Date: Mon, 24 Oct 2005 23:13:46 -0400
    
    
    

    On Fri, 21 Oct 2005 18:05:27 -0000, jouser@gmail.com said:
    > I didn't think it was possible to determine valid usernames by themselves? You
    > either have a valid username AND password or not.

    So you take the list of 30-40 "installed by default" userids, add a list of 100
    or so common first names/last names, prepend/append a single letter (i.e.
    starting with "john" and "smith", also try "jsmith" and "johns"). Then try
    each of those with a list of common passwords. If you're *really* 31337, you
    apply the SSH timing hole to possibly identify valid userids - but it really
    isn't needed because it's just as cheap to just try all 40,000 combinations of
    userid/password (remember, you're doing this from somebody else's compromised
    system).
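
A defender-side view of the sweep described in this message, as an added example that is not part of the original post: it reads sshd failure lines and reports sources whose failed logins span many distinct userids. The log lines are constructed, and the function name `sweep_sources` and the threshold of 5 are assumptions.

```python
import re
from collections import defaultdict

# The userid in the log is client-supplied, so the greedy ".*" plus the "$"
# anchor take source and port from the END of the line, which sshd writes.
# Older OpenSSH releases logged "illegal user" instead of "invalid user".
FAILED = re.compile(
    r"Failed password for (?P<invalid>(?:invalid|illegal) user )?(?P<user>.*)"
    r" from (?P<src>\S+) port \d+ ssh\d*\s*$"
)

# Constructed sample input (documentation address ranges, made-up hosts).
SAMPLE_LOG = """\
Oct 24 23:01:02 host sshd[411]: Failed password for root from 198.51.100.7 port 40001 ssh2
Oct 24 23:01:03 host sshd[412]: Failed password for invalid user john from 198.51.100.7 port 40002 ssh2
Oct 24 23:01:04 host sshd[413]: Failed password for invalid user smith from 198.51.100.7 port 40003 ssh2
Oct 24 23:01:05 host sshd[414]: Failed password for invalid user jsmith from 198.51.100.7 port 40004 ssh2
Oct 24 23:01:06 host sshd[415]: Failed password for illegal user johns from 198.51.100.7 port 40005 ssh2
Oct 24 23:01:07 host sshd[416]: Failed password for invalid user x from 192.0.2.44 port 1 ssh2 from 198.51.100.7 port 40006 ssh2
Oct 24 23:05:10 host sshd[420]: Failed password for alice from 192.0.2.44 port 51000 ssh2
Oct 24 23:05:15 host sshd[421]: Failed password for alice from 192.0.2.44 port 51000 ssh2
Oct 24 23:05:20 host sshd[422]: Accepted password for alice from 192.0.2.44 port 51000 ssh2
""".splitlines()

def sweep_sources(lines, min_users=5):
    """Return stats for sources whose failures span >= min_users distinct userids."""
    users = defaultdict(set)      # source -> every userid it failed on
    unknown = defaultdict(set)    # source -> userids sshd reported as nonexistent
    attempts = defaultdict(int)   # source -> number of failed attempts
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue              # accepted logins and unrelated lines
        src, user = m["src"], m["user"]
        attempts[src] += 1
        users[src].add(user)
        if m["invalid"]:
            unknown[src].add(user)
    return {
        src: {"attempts": attempts[src],
              "distinct_users": len(names),
              "nonexistent_users": len(unknown[src])}
        for src, names in users.items() if len(names) >= min_users
    }

if __name__ == "__main__":
    for src, stats in sweep_sources(SAMPLE_LOG).items():
        print(src, stats)
```

A user who mistypes a password twice (192.0.2.44 here) stays under the threshold because only one userid is involved; counting distinct userids rather than raw failures is what separates the two cases.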

    
    


