Hey guys,
I have reading that there are many hacking groups using compromised servers to host malwares or to use as C2, usually, compromised by SSH (I bet).
I need some servers to host my malwares in a phishing, so I started bruteforcing to a huge amount of IPs accross many countries, always using root username and rockyou wordlist.
The fact is, find out ssh servers with fragile password have been so hard that drive me to think bruteforce is almost a myth! The probability to find a password usage in rockyou list is really few.
I was getting the IPs from shodan now I'm getting the IPs from bgp.he.net and scaning all the IP range looking for week SSH passwords.
In a total, I think I have scanned almost 8k IP address and get just 2 servers!!! HOLLY SHIT! 8k IP address scanned and just 2 bruteforce matched!!!
What am I doing wrong? How hackers group do i "easily"?
Thanks
I have reading that there are many hacking groups using compromised servers to host malwares or to use as C2, usually, compromised by SSH (I bet).
I need some servers to host my malwares in a phishing, so I started bruteforcing to a huge amount of IPs accross many countries, always using root username and rockyou wordlist.
The fact is, find out ssh servers with fragile password have been so hard that drive me to think bruteforce is almost a myth! The probability to find a password usage in rockyou list is really few.
I was getting the IPs from shodan now I'm getting the IPs from bgp.he.net and scaning all the IP range looking for week SSH passwords.
In a total, I think I have scanned almost 8k IP address and get just 2 servers!!! HOLLY SHIT! 8k IP address scanned and just 2 bruteforce matched!!!
What am I doing wrong? How hackers group do i "easily"?
Thanks
