• We just launched and are currently in beta. Join us as we build and grow the community.

SSB – A Fastest Secure Shell Brute Forcer

jsavaged

Intrusion Tester
J
J Rep
0
0
0
Rep
0
J Vouches
0
0
0
Vouches
0
Posts
176
Likes
98
Bits
0
1 MONTH
1 1 MONTH OF SERVICE
LEVEL 1 400 XP
Black-and-Orange-Protected-Security-Yard-Sign.png


Hey Folks, in this tutorial we are going to talk about a secure shell brute forcing tool called “ssb“. It’s an fastest and simplest way to brute force on SSH server by using ssb tool. Although there are many tools to crack the password of SSH server, but it gives us a convenient interface. We assume that you know about SSH Server, so we will move towards the installation of the tool.

Let’s take a look 😛 !!

Install Golang

Originally the tool is designed in GO language, so we have to install “Golang” tool in our kali linux system to operate this tool.

apt install golang -y1apt install golang-y

1.png

Tool Installation

Curl utility is already installed in the kali linux, so you need to execute both these commands sequentially to install and configure this tool.

curl -sSfL 'https://git.io/kitabisa-ssb' | sh -s -- -b /usr/local/bin
GO111MODULE=on go get ktbs.dev/ssb12curl-sSfL'https://git.io/kitabisa-ssb'|sh-s---b/usr/local/binGO111MODULE=on go get ktbs.dev/ssb

2.png


Woooo 😛 !! The tool is now ready to fly in kali linux. Now you can execute the following command anywhere on the terminal of kali linux and operate this tool.

ssb -h1ssb-h

3.png

Start Brute Forcing

We have already configured SSH server on our second machine and now we will try to crack the password. You need to place your wordlist after the “-w” parameter. You can use various tools like cupp, cewl etc. to create a wordlist. As soon as the password matches, it gives us a “connected” signal at the terminal as you can see in the image below.

Usage 😛 !! ssb -w < your wordlist > @ < IP >

ssb -w word.txt [email protected] [email protected]

4.png

Port Forwarding

Sometimes developers change the server’s port number for security reasons and as you can see in the image below that the port number of the SSH server has been changed from 22 to 20.

5.png


If the port has moved to another port number then you will have to mention in the command by adding the “-p” parameter.

Usage 😛 !! ssb -p < changed port number > -w < your wordlist > @

ssb -p 20 -w word.txt [email protected] [email protected]

6.png

Threat level

Apart from this, you can change, add and modify other settings like threat level etc according to you.

ssb -p 20 -w word.txt -t 1m -c 1000 [email protected]@192.168.1.8

7.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

413,805

309,534

309,543

J jonia
Top